[QGIS-trac] [Quantum GIS] #3862: world-readable posgresql account
passwords in QGIS.conf
Quantum GIS
qgis at qgis.org
Wed Jun 1 19:09:19 EDT 2011
#3862: world-readable posgresql account passwords in QGIS.conf
------------------------------------------------+---------------------------
Reporter: strk | Owner: nobody
Type: bug | Status: new
Priority: major: does not work as expected | Milestone: Version 1.7.0
Component: Data Provider | Version: Trunk
Keywords: | Platform_version:
Platform: Debian | Must_fix: Yes
Status_info: 0 |
------------------------------------------------+---------------------------
I've seen ~/.config/QuantumGIS/QGIS.conf is created as world-readable, and
contains posgresql account passwords...
Looking for other examples I've found vlc and transmission configs also
having some passwords, and they are properly created with permissions
0600.
BTW, there's no appropriate Component value for this ticket
--
Ticket URL: <https://trac.osgeo.org/qgis/ticket/3862>
Quantum GIS <http://qgis.org>
Quantum GIS is an Open Source GIS supporting GDAL/OGR, PostGIS, and GRASS formats, and Web Services
More information about the QGIS-trac
mailing list