Package: nullmailer
Version: 1:1.13-1
Severity: grave

The nullmailer package keeps sensitive information like users and passwords to the mail accounts on the remote SMTP servers in the '/etc/nullmailer/remotes' file, which is secured by 600 permissions and owned by mail:mail. However, after running the command:

    dpkg-reconfigure -f noninteractive nullmailer

the contents of this file are stored in the debconf database as cleartext in the 'nullmailer/relayhost' database key and can be read by any user using the command:

    debconf-get-selections | grep nullmailer

The 'dpkg-reconfigure' command cannot be executed directly by unprivileged users. However, the debconf database reads the contents of the '/etc/nullmailer/remotes' file and includes its contents in the database on package installation. This behaviour occurs again on package reinstallation - the debconf database is automatically updated with the contents of the '/etc/nullmailer/remotes' file. Therefore the sensitive information might show up in the 'debconf-get-selections' output after an automatic package upgrade or package reinstallation.

Regards,
Maciej
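An added check for administrators who want to audit their own hosts for the exposure described in this report (this is example code written for this page, not part of the report or of the nullmailer package). It scans debconf-get-selections output for a 'nullmailer/relayhost' entry that embeds relay credentials and prints it with the password redacted, so the audit does not re-expose the secret in terminal history or logs. The sample selections lines are constructed; the column layout (package, question, type, value) is the standard debconf-get-selections format, and the assumption that credentials appear as '--user=' / '--pass=' options comes from the remotes-file syntax of nullmailer's smtp module.

```shell
#!/bin/sh
# Audit helper (added example): find nullmailer relay credentials that have
# been copied into the debconf database, as described in the bug report.
#
# Usage on a live system:
#     find_leaked_relay_creds "$(debconf-get-selections 2>/dev/null)"
# Exit status 0 means credentials were found in debconf, 1 means none were.

# Constructed sample of debconf-get-selections output. The relayhost value
# mirrors what /etc/nullmailer/remotes would contain; the host, user and
# password are made up for this example.
SAMPLE_SELECTIONS='nullmailer	nullmailer/relayhost	string	smtp.example.org smtp --port=587 --user=alice --pass=hunter2
nullmailer	nullmailer/defaultdomain	string	example.org
nullmailer	nullmailer/adminaddr	string	root@example.org'

# Print every nullmailer/relayhost line whose value carries --user= or --pass=
# (assumed remotes-file credential options), redacting the password value.
find_leaked_relay_creds() {
    printf '%s\n' "$1" | awk '
        $2 == "nullmailer/relayhost" && $0 ~ /(--pass=|--user=)/ {
            found = 1
            line = $0
            # never echo the cleartext password back out of the audit
            sub(/--pass=[^ \t]*/, "--pass=<redacted>", line)
            print "credentials stored in debconf: " line
        }
        END { exit found ? 0 : 1 }'
}

# Number of offending entries, for use in scripted checks.
count_leaked_relay_creds() {
    find_leaked_relay_creds "$1" | wc -l | tr -d ' '
}

# Demonstration on the constructed sample: reports the relayhost line with
# the password redacted.
find_leaked_relay_creds "$SAMPLE_SELECTIONS"
```

If the check reports an entry, the remediation consistent with the report is to clear the 'nullmailer/relayhost' value from the debconf database and keep the credentials only in '/etc/nullmailer/remotes' with its 600 mail:mail permissions, then re-run the check after any package upgrade or reinstallation, since the report notes the value is repopulated at those points.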