Posted by Georgi Guninski on Nov 12
On Debian /home/loser is with permissions 755, default umask 0022
(If you don’t understand the numbers, this means a lot of
files are world readable).
On multiuser machines this sucks much.
Question: How much sensitive data can be read on default install?
1. mutt (text email client) exposes ~/.mutt/muttrc,
which might contain the imap password in plaintext.
2. Some time ago on a multiuser debian mirror we found a lot…
If you like the site, please consider joining the telegram channel or supporting us on Patreon using the button below.