[Bug 1700611] Re: sources.list file created for ESM is world-readable, leaks subscriber token to all local users
Making the file 0600 makes apt-cache complain about it when run by non- root users. Is that an issue worth having? $ apt policy asdf E: Opening /etc/apt/sources.list.d/dropbox.list - ifstream::ifstream (13: Permission denied) E: The list of sources could not be read. (dropbox.list was just an example) -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to ubuntu-advantage-tools in Ubuntu. https://bugs.launchpad.net/bugs/1700611 Title: sources.list file created for ESM is world-readable, leaks subscriber token to all local users To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/ubuntu-advantage-tools/+bug/1700611/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
[Bug 1701073] Re: CVE-2017-2619 regression breaks symlinks
I didn't quite dive into this yet. Adding https://bugzilla.samba.org/show_bug.cgi?id=12721 which may also be related. ** Bug watch added: Samba Bugzilla #12721 https://bugzilla.samba.org/show_bug.cgi?id=12721 ** Tags added: server-next -- You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to samba in Ubuntu. https://bugs.launchpad.net/bugs/1701073 Title: CVE-2017-2619 regression breaks symlinks To manage notifications about this bug go to: https://bugs.launchpad.net/samba/+bug/1701073/+subscriptions -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
