Package: ftpbackup Version: 0.3-1 Severity: critical Tags: security As per Jakub's message in debian-devel:
> # create BACKUPHOME if not exists > mkdir -p $BACKUPHOME No umask set anywhere in this script, so in default setup the directory (and later, the backup files) will be created readable to anyone. _______________________________________________ Secure-testing-team mailing list Secure-testing-team@lists.alioth.debian.org http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/secure-testing-team
