[Slackbuilds-users] wifi-radar.conf need better perms

Robby Workman rworkman at slackbuilds.org
Tue Mar 11 16:19:44 EDT 2008


Phillip Warner wrote:
> I just installed wifi-radar via the slackBuild and I noticed that it 
> installed /etc/wifi-radar/wifi-radar.conf with read permissions to 
> everyone.  This is not good considering this is the file your wireless 
> keys are stored on.  I think the read perms for group and others should 
> be taken away just like they are on /etc/rc.d/rc.wireless.conf.


Agreed; I'll handle that in the next update.


> Seeing as how some people may have already used this slackBuild without 
> fixing the perms, the easiest way to fix this would probably be to add a 
> 'chmod go-r /etc/wifi-radar/wifi-radar.conf*' at the end of doinst.sh.  
> That way, even if the user did not change their config we can be sure 
> the perms are right.


Well, I'm not sure that's the right approach - there may very well be
some cases where the admin has assigned group permissions to be
readable or even writable, and we don't want to blow that away.
That being said, it is somewhat of a corner case, and I guess that,
all things considered, it's probably better for the admin to have to
reset those permissions than to have compromised private key.

-RW




More information about the Slackbuilds-users mailing list