Shura, Typically these types of directories have permissions of drwx------. Sometimes these directories will have permissions of drwxr-xr-x. Here are a couple of examples from my home directory:
drwxr-xr-x 2 johnf staff 512 Mar 16 2005 .desktop/ drwxr-xr-x 2 johnf staff 512 May 22 2003 .dist/ drwxr-xr-x 15 johnf staff 512 Oct 8 09:20 .dt/ Now if there is sensitive data stored within the directories that have the group and other permissions with the read bit set we need to insure that the password file still has some level of protection. Typically these files are only owner readable (-rw------- (0600) or -r-------- (0400)). There are several programs on Solaris that when they notice that the permissions are not 0600 or 0400 will exit or not use the file. Does eclipse provide this level of protection for the password file it stores in the home directory? Thanks, John On Tue, 2008-11-11 at 00:31, Alexandre (Shura) Iline wrote: > On Monday 10 November 2008 19:13:31 John Fischer wrote: > > Shura, > > > > What are the permissions of the directories and > > file secure_storage? Assuming that the directories > > and file permissions are supposed to be readable and > > writable by the owner only what happens if the > > permissions are otherwise? > > I did not check this scenario. This is an unlikely one, though. > > Normally, ~/.* directories and files are configuration files for some systems > or programs, such as .bashrc, for instance. > > Is there a case when such files are not writeable? > > Shura. > > > > > Thanks, > > > > John > > > > On Mon, 2008-11-10 at 05:56, Alexandre (Shura) Iline wrote: > > > Hi. > > > > > > Eclipse simply stores encrypted passwords into a file. > > > > > > The file is > > > ~/.eclipse/org.eclipse.equinox.security/secure_storage file. > > > > > > No security issue here as far as I can see. > > > > > > Shura. > >
