* Betr.: " Bug#612644: tryton-server: Postinst resets insecure permissions on configuration file with passwords" (Wed, 09 Feb 2011 18:55:31 +0100):
> This means that the database password and admin password configured in
> /etc/trytond.conf will be readable for all users on the system after
> postinst is run, even if the user has been so wise to make it 0600,
> because making the tryton database available to all users on the
> system is a very bad idea.
You are right, thanks for the hint. Fix is on the way.
> The postinst shouldn't overrule user changes of the permissions of
> the config file.
I think it must do this for the default setup. It is easy to provide a
different configuration file for someone, who wishes to do a special setup and
knows what he is doing.
Regards,
Mathias
--
Mathias Behrle
MBSolutions
Gilgenmatten 10 A
D-79114 Freiburg
Tel: +49(761)471023
Fax: +49(761)4770816
http://m9s.biz
UStIdNr: DE 142009020
PGP/GnuPG key availabable from any keyserver, ID: 0x8405BBF6
signature.asc
Description: PGP signature
