Bug report #3862
world-readable postgresql account passwords in QGIS.conf
Status: | Closed | ||
---|---|---|---|
Priority: | Low | ||
Assignee: | - | ||
Category: | Data Provider | ||
Affected QGIS version: | master | Regression?: | No |
Operating System: | Debian | Easy fix?: | No |
Pull Request or Patch supplied: | No | Resolution: | fixed |
Crashes QGIS or corrupts data: | No | Copied to github as #: | 13920 |
Description
I've seen ~/.config/QuantumGIS/QGIS.conf is created as world-readable, and contains posgresql account passwords...
Looking for other examples I've found vlc and transmission configs also having some passwords, and they are properly created with permissions 0600.
BTW, there's no appropriate Component value for this ticket
Related issues
History
#1 Updated by Giovanni Manghi almost 13 years ago
- Target version changed from Version 1.7.0 to Version 1.7.4
#2 Updated by Jürgen Fischer over 12 years ago
- Crashes QGIS or corrupts data set to No
- Affected QGIS version set to master
- Pull Request or Patch supplied set to No
- Assignee deleted (
nobody -) - Status changed from Open to Closed
- Resolution set to fixed
implemented in 72c04ce8
#3 Updated by Jürgen Fischer over 11 years ago
- Subject changed from world-readable posgresql account passwords in QGIS.conf to world-readable postgresql account passwords in QGIS.conf