This would violate POLA and break, among other things already noted, things
like fingerd, which wants to run with least-privilege but still access
.plan and .project files.
Security is a process and requires conscious thought by an administrator,
and default permissions on home directories are no
On Fri, Dec 16, 2022 at 04:14:56PM +0300, Michael Tokarev wrote:
> On Fri, 16 Dec 2022 11:50:18 + debian user wrote:
> > Package: login
> > Version: 1:4.13+dfsg1-1
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> > X-Debbugs-Cc: r...@localhost.lan, Debian
2 matches
Mail list logo