Public bug reported:
The default permissions of /etc/openfortivpn/config are -rw-r--r--
Since this file, when used, will have a high chance of containing passwords, it
wou be better to restrict access to root only.
ProblemType: Bug
DistroRelease: Ubuntu 20.04
Package: openfortivpn 1.12.0-1
ProcVersionSignature:
Uname: Linux 5.4.78-2-pve x86_64
ApportVersion: 2.20.11-0ubuntu27.13
Architecture: amd64
CasperMD5CheckResult: skip
Date: Mon Dec 14 17:51:59 2020
SourcePackage: openfortivpn
UpgradeStatus: No upgrade log present (probably fresh install)
modified.conffile..etc.openfortivpn.config: [modified]
mtime.conffile..etc.openfortivpn.config: 2020-12-14T17:28:03.932239
** Affects: openfortivpn (Ubuntu)
Importance: Undecided
Status: New
** Tags: amd64 apport-bug focal
** Information type changed from Private Security to Public
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1908095
Title:
/etc/openfortivpn/config is world readable but might contain passwords
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/openfortivpn/+bug/1908095/+subscriptions
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
