** No longer affects: dconf (Ubuntu Bionic)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage notifications about
I tested the 2018-04-21 daily image, and the permissions on ~/.config
and ~/.local are OK now.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissio
This bug was fixed in the package xorg-server - 2:1.19.6-1ubuntu4
---
xorg-server (2:1.19.6-1ubuntu4) bionic; urgency=medium
* debian/patches/fix-default-permissions.patch: fix default permissions
when creating the log directory. (LP: #1735929)
-- Marc Deslauriers Fri, 13 Ap
** Changed in: dconf
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage no
Hi Marc.
I apologize for not mentioning a release type. It's Xubuntu 16.04 LTS.
For now, I have no access to my other computer with Ubuntu 16.04 LTS so
I can not verify this issue. Sorry.
Is it a problem, that incorrect permission - in this case - are in
Xubuntu and not in Ubuntu? Will it be fixe
Hi daniel,
I wasn't able to reproduce with 16.04. Did you install the regular
Ubuntu desktop, or a specific flavour?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems w
Hello.
On 16.04 LTS (16.04.4) Release it looks this way:
[~]$ ls -ld .config/
drwxr-xr-x 24 user1 user1 4096 apr 14 18:21 .config/
[~]$ ls -ld .local/
drwx-- 3 user1 user1 4096 apr 30 2017 .local/
Thanks.
--
You received this bug notification because you are a member of Ubuntu
Bugs, whic
** Also affects: xorg-server (Ubuntu)
Importance: Undecided
Status: New
** Changed in: xorg-server (Ubuntu Bionic)
Assignee: (unassigned) => Marc Deslauriers (mdeslaur)
** Changed in: xorg-server (Ubuntu Bionic)
Importance: Undecided => High
** Changed in: xorg-server (Ubuntu B
Here's another:
https://cgit.freedesktop.org/xorg/xserver/tree/hw/xfree86/common/xf86Helper.c#n1136
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect per
Is there anything left to land here? I just installed the 2018-04-13
desktop iso, and while ~/.config has correct permissions, ~/.local does
not.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
This bug was fixed in the package gnome-session - 3.28.1-0ubuntu1
---
gnome-session (3.28.1-0ubuntu1) bionic; urgency=medium
* New upstream release
- Don't create ~/.config as world-readable. (LP: #1735929)
* Drop xsmp-don-t-check-for-HAVE_XTRANS.patch: Applied in new release
** Changed in: gnome-session (Ubuntu Bionic)
Status: In Progress => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for
** Branch linked: lp:~ubuntu-desktop/gnome-session/ubuntu
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage notifi
** Changed in: gnome-session
Status: Confirmed => Fix Released
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To m
Change attached to the upstream bug
** Changed in: gnome-session (Ubuntu Bionic)
Status: Triaged => In Progress
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems
The weird version is no-go, bionic-proposed is not supposed to be used,
it's a pocket designed for packages testing and validation, if you opt
in for that you should know what you are doing. It's easy enough to go
back, just install dconf-server/bionic libdconf1/bionic etc for all the
dconf binarie
This bug was fixed in the package d-conf - 0.26.0-2ubuntu3
---
d-conf (0.26.0-2ubuntu3) bionic; urgency=medium
* 0001-Don-t-create-the-user-config-dir-as-world-readable.patch:
- create the config dir with permissions 700 so it's not world readable
(lp: #1735929)
-- Sebas
Next proposal:
rename to 0.26.1-3ubuntu3+isreally+0.26.0-2ubuntu3
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To man
Also, this is why I try suggesting really strongly to you guys not to
run -proposed during the development cycle because these kind of
removals happen.
(Maybe you just need to make sure you downgrade all the dconf binary
packages at the same time.)
--
You received this bug notification because y
dino99, we can't easily just set the version higher since the
autopkgtest issue is triggered by 0.26.1 and higher versions.
http://autopkgtest.ubuntu.com/packages/n/notify-osd/bionic/armhf
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubunt
Yeah but that tweak is quite dirty: try to downgrade from
0.26.1-3ubuntu2 to 0.26.0-2ubuntu3, and you are proposed to remove half
of the packages list.
Maybe set the proposed version higher than the previous proposed one to
bypass that issue.
--
You received this bug notification because you are
No, that was "dconf" (rename) and that never migrated to bionic due to
armhf autopkgtest issues, I deleted that version to land that fix, the
update can be uploaded again if someone figures out the test issues
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is
** Changed in: d-conf (Ubuntu Bionic)
Status: Triaged => Fix Committed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.
d-conf (0.26.0-2ubuntu3) bionic; urgency=medium
* 0001-Don-t-create-the-user-config-dir-as-world-readable.patch:
- create the config dir with permissions 700 so it's not world readable
(lp: #1735929)
-- Sebastien Bacher Thu, 29 Mar 2018 11:01:28
+0200
uh !! bionic-proposed is alr
** Also affects: gnome-session (Ubuntu Bionic)
Importance: High
Assignee: Sebastien Bacher (seb128)
Status: Triaged
** Also affects: dconf (Ubuntu Bionic)
Importance: High
Status: Triaged
** Also affects: d-conf (Ubuntu Bionic)
Importance: High
Assignee: Sebastien
** Tags removed: rls-bb-incoming
** Changed in: gnome-session (Ubuntu)
Assignee: (unassigned) => Sebastien Bacher (seb128)
** Changed in: d-conf (Ubuntu)
Assignee: (unassigned) => Sebastien Bacher (seb128)
--
You received this bug notification because you are a member of Ubuntu
Bugs,
** Tags added: rls-bb-incoming
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage notifications about this bug go t
Any further progress on these issues?
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage notifications about this b
Related bug in ubuntu-mate-welcome: bug 1745929
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage notifications ab
This bug was fixed in the package session-migration - 0.3.3
---
session-migration (0.3.3) bionic; urgency=medium
* src/session-migration.c:
fix default permission when creating unexisting parent directories
to be 700. (LP: #1735929)
-- Didier Roche Tue, 23 Jan 2018 10:31
** Branch linked: lp:session-migration
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage notifications about this
** Also affects: dconf (Ubuntu)
Importance: Undecided
Status: New
** Changed in: dconf (Ubuntu)
Status: New => Triaged
** Changed in: dconf (Ubuntu)
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscrib
** Changed in: gnome-session
Status: Unknown => Confirmed
** Changed in: gnome-session
Importance: Unknown => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security
** Changed in: dconf
Status: Unknown => Confirmed
** Changed in: dconf
Importance: Unknown => Medium
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with in
** Changed in: d-conf (Ubuntu)
Importance: Undecided => High
** Changed in: d-conf (Ubuntu)
Status: New => Triaged
** Bug watch added: GNOME Bug Tracker #792677
https://bugzilla.gnome.org/show_bug.cgi?id=792677
** Also affects: dconf via
https://bugzilla.gnome.org/show_bug.cgi?id
** Bug watch added: GNOME Bug Tracker #792675
https://bugzilla.gnome.org/show_bug.cgi?id=792675
** Also affects: gnome-session via
https://bugzilla.gnome.org/show_bug.cgi?id=792675
Importance: Unknown
Status: Unknown
--
You received this bug notification because you are a member
Sure, will have a look on the directory creation permission
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage noti
Didier, could you have a look to the session-migration part of the
issue?
** Changed in: session-migration (Ubuntu)
Assignee: (unassigned) => Didier Roche (didrocks)
** Changed in: gnome-session (Ubuntu)
Importance: Undecided => High
** Changed in: gnome-session (Ubuntu)
Status: N
and another:
https://git.gnome.org/browse/gnome-session/tree/gnome-session/gsm-util.c?h=gnome-3-26#n99
** Also affects: gnome-session (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu
Here's another:
https://git.gnome.org/browse/dconf/tree/service/dconf-gvdb-utils.c#n177
https://git.gnome.org/browse/dconf/tree/service/dconf-keyfile-writer.c#n210
** Also affects: d-conf (Ubuntu)
Importance: Undecided
Status: New
--
You received this bug notification because you are a
Here is one:
http://bazaar.launchpad.net/~ubuntu-desktop/session-migration/trunk/view/head:/src/session-migration.c#L270
** Package changed: ubuntu => session-migration (Ubuntu)
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https:/
Looks like 16.04 is unaffected.
** Changed in: ubuntu
Importance: Undecided => High
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for
With the 17.04 installer, only .local seems to be affected.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage noti
I can reproduce this issue with the 17.10 desktop installer.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for ubuntu 17.10
To manage not
This is definitely a regression compared to previous releases and needs
investigation.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect permissions for u
On Ubuntu MATE 17.10 I can confirm ~/.config is drwxr-xr-x
However with a new user ~/.cache is drwxrwxr-x and ~/.local is drwx--
** Changed in: ubuntu
Status: New => Confirmed
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
Oh, that's an interesting possibility. Thanks.
** Changed in: ubuntu
Status: Won't Fix => New
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1735929
Title:
security problems with incorrect pe
Hello Seth, thank you for your answer.
It is so strange. As far as I know it was done so all users could access
~/Public directory and this does not apply to the directories like .config and
.local which could contain private information and application settings.
~/.cache folder still contains 70
Hell User2233, this is an intentional design choice to enable users to
share with each other. If this isn't appropriate for your environment
you can modify the DIR_MODE variable in /etc/adduser.conf to set the
permissions as desired.
https://help.ubuntu.com/lts/serverguide/user-management.html#use
49 matches
Mail list logo