[Slackbuilds-users] wifi-radar.conf need better perms
ciol13 at gmail.com
Tue Mar 11 16:55:34 EDT 2008
Robby Workman wrote:
> Phillip Warner wrote:
>> I just installed wifi-radar via the slackBuild and I noticed that it
>> installed /etc/wifi-radar/wifi-radar.conf with read permissions to
>> everyone. This is not good considering this is the file your wireless
>> keys are stored on. I think the read perms for group and others
>> should be taken away just like they are on /etc/rc.d/rc.wireless.conf.
> Agreed; I'll handle that in the next update.
>> Seeing as how some people may have already used this slackBuild
>> without fixing the perms, the easiest way to fix this would probably
>> be to add a 'chmod go-r /etc/wifi-radar/wifi-radar.conf*' at the end
>> of doinst.sh. That way, even if the user did not change their config
>> we can be sure the perms are right.
> Well, I'm not sure that's the right approach - there may very well be
> some cases where the admin has assigned group permissions to be
> readable or even writable, and we don't want to blow that away.
> That being said, it is somewhat of a corner case, and I guess that,
> all things considered, it's probably better for the admin to have to
> reset those permissions than to have compromised private key.
echo "WARNING: you should do a chmod -r [...]"
More information about the Slackbuilds-users