Mikko Rapeli wrote:
> This small bug affects sarge too so I'm cc'ing security. Attached patches
> restrict the permissions for sarge and etch/sid so that non-root users can
> not read the default pin value used in Bluetooth authentication.
I know next to nothing about Bluetooth. What could a malicious user do
with this pin value and why does it need to be kept secret if it's
a default value (which I suppose is the same on all Debian installations?)
Cheers,
Moritz
--
To UNSUBSCRIBE, email to [EMAIL PROTECTED]
with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
