security-problem i 1.2-pre3

From: Reychman Felix <flix netch se>
To: balsa-list gnome org
Subject: security-problem i 1.2-pre3
Date: Sat, 8 Sep 2001 16:56:38 +0200

When killing Balsa, the temp files in /tmp called 
	mutt-morricone-xxx-yyy
are not removed. They have a permissions 600, but root will still be able
to read them.
As it is, the root where I use Balsa would have to read _big_ maillogs to
find my mail, if it wasn't for this, since my important mailboxes are
gpg-encrypted.

I believe these files should be removed when they are no longer needed, and
this has once been fixed, but is now apparently back.

Thankyou

-- 
****************************************************************
flix Reychman    II
flix@netch.se    II   "Walk tall 
046-2724645      II   or baby, don't walk at all"
0708-392311      II   /Bruce Springsteen, New York City Serenade
****************************************************************

Follow-Ups:
- Re: security-problem i 1.2-pre3
  - From: Jules Bean

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]