On 12/18/2017 05:32 PM, Diederik de Haas wrote:
On maandag 18 december 2017 06:21:44 CET Heinrich Schuchardt wrote:
the configuration of quassel client is stored in
~/.config/quassel-irc.org/quasselclient.conf
This file was created on my system as chmod 644. So it is world readable.
That's also what I thought, but it's not as bad as one would think.
See https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=806500 for details
Not encoding the password means that any user application can fetch it
and send it to the internet even if ~/.config is chmod 700.
Can anything be worse?
Best regards
Henrich
_______________________________________________
pkg-kde-extras mailing list
pkg-kde-extras@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-kde-extras
