Opened 13 years ago
#3862 new bug
world-readable posgresql account passwords in QGIS.conf
Reported by: | strk | Owned by: | nobody |
---|---|---|---|
Priority: | major: does not work as expected | Milestone: | Version 1.7.0 |
Component: | Data Provider | Version: | Trunk |
Keywords: | Cc: | ||
Must Fix for Release: | Yes | Platform: | Debian |
Platform Version: | Awaiting user input: | no |
Description
I've seen ~/.config/QuantumGIS/QGIS.conf is created as world-readable, and contains posgresql account passwords...
Looking for other examples I've found vlc and transmission configs also having some passwords, and they are properly created with permissions 0600.
BTW, there's no appropriate Component value for this ticket
Note:
See TracTickets
for help on using tickets.