Bug#611501: /usr/local/share/ca-certificates/ group-writable

Sat, 29 Jan 2011 18:39:18 -0800 

Package: ca-certificates
Version: 20090814+nmu2
Severity: important
Tags: security


Hi.

Files in /usr/local/share/ca-certificates/ are installed as system wide
certificates, thus even affecting root (e.g. if he or the system security
depends on a "secure" /etc/ssl/certs)

This directory is however owned by group staff and group-writable, which is
IMHO a reasonable big security problem.

Could you consider to change this (and especially also change it on already
existing installations).


Cheers,
Chris.



-- 
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org

Reply via email to