** Summary changed: - /boot/grub/menu.lst permissions should be 0660 or less + grub config file should not be world readable
** Description changed: Binary package hint: grub tiger emits these two notices: - # --WARN-- [boot02] The configuration file /boot/grub/menu.lst has group permissions. Should be 0600 + # --WARN-- [boot02] The configuration file /boot/grub/menu.lst has group permissions. Should be 0600 # --FAIL-- [boot02] The configuration file /boot/grub/menu.lst has world permissions. Should be 0600 I'm inclined to agree that menu.lst should not be world-readable to protect the (optional) password hash there-in from dictionary cracking attempts. This should be fixed in grub. I see no reason to worry about it having root group access. This should be fixed in tiger. + + Grub2's /boot/grub/grub.cfg also is world readable. ** Changed in: grub2 (Ubuntu) Importance: Medium => Wishlist -- grub config file should not be world readable https://bugs.launchpad.net/bugs/248843 You received this bug notification because you are a member of Registry Administrators, which is the registrant for Tiger. _______________________________________________ Mailing list: https://launchpad.net/~registry Post to : [email protected] Unsubscribe : https://launchpad.net/~registry More help : https://help.launchpad.net/ListHelp
