[Ubuntu-translations-coordinators] [Bug 1938442] [NEW] Wrong permissions on ~/.hplip/.gnupg
You have been subscribed to a public bug: [Impact] * The directory ~/.hplip/.gnupg is readable by non-root users * This directory contains only public keys, but should still have the permissions changed to 700 for privacy reasons [Test Case] * Install hplip and run `hp-plugin -i` * ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwxr-xr-x * rm -rf ~/.hplip and install hplip from -proposed * run `hp-plugin -i` again * ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwx-- [Regression Potential] * Because of file permissions becoming more restrictive, it is possible that some other hplip binaries would fail to read the .gnupg directory * To ensure this isn't the case, testing should be done on different hplip use-cases to ensure they still function properly [Original Description] Hi, we have a report in Fedora - https://bugzilla.redhat.com/show_bug.cgi?id=1985251 - where Sergey found out that ~/.hplip/.gnupg directory has permissions 755 instead of 700. Perms 700 prevent accessing the dir by other users, because the dir can contain private keys. However, .gnupg dir contains only a public key used in GPG verification of HP plugin, so the matter isn't that critical, but it is good to have it fixed. The patch is attached. ** Affects: ubuntu-translations Importance: Undecided Status: New ** Affects: hplip (Ubuntu) Importance: Undecided Assignee: Till Kamppeter (till-kamppeter) Status: New ** Affects: hplip (Ubuntu Bionic) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Focal) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Hirsute) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Impish) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Jammy) Importance: Undecided Assignee: Till Kamppeter (till-kamppeter) Status: New ** Tags: patch -- Wrong permissions on ~/.hplip/.gnupg https://bugs.launchpad.net/bugs/1938442 You received this bug notification because you are a member of Ubuntu Translations Coordinators, which is subscribed to Ubuntu Translations. ___ Mailing list: https://launchpad.net/~ubuntu-translations-coordinators Post to : ubuntu-translations-coordinators@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-translations-coordinators More help : https://help.launchpad.net/ListHelp
[Ubuntu-translations-coordinators] [Bug 1938442] [NEW] Wrong permissions on ~/.hplip/.gnupg
You have been subscribed to a public bug: [Impact] * The directory ~/.hplip/.gnupg is readable by non-root users * This directory contains only public keys, but should still have the permissions changed to 700 for privacy reasons [Test Case] * Install hplip and run `hp-plugin -i` * ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwxr-xr-x * rm -rf ~/.hplip and install hplip from -proposed * run `hp-plugin -i` again * ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwx-- [Regression Potential] * Because of file permissions becoming more restrictive, it is possible that some other hplip binaries would fail to read the .gnupg directory * To ensure this isn't the case, testing should be done on different hplip use-cases to ensure they still function properly [Original Description] Hi, we have a report in Fedora - https://bugzilla.redhat.com/show_bug.cgi?id=1985251 - where Sergey found out that ~/.hplip/.gnupg directory has permissions 755 instead of 700. Perms 700 prevent accessing the dir by other users, because the dir can contain private keys. However, .gnupg dir contains only a public key used in GPG verification of HP plugin, so the matter isn't that critical, but it is good to have it fixed. The patch is attached. ** Affects: hplip Importance: Undecided Status: New ** Affects: hplip (Ubuntu) Importance: Undecided Assignee: Till Kamppeter (till-kamppeter) Status: New ** Affects: hplip (Ubuntu Bionic) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Focal) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Hirsute) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Impish) Importance: Undecided Status: New ** Affects: hplip (Ubuntu Jammy) Importance: Undecided Assignee: Till Kamppeter (till-kamppeter) Status: New ** Affects: ubuntu-translations Importance: Undecided Status: New ** Tags: patch -- Wrong permissions on ~/.hplip/.gnupg https://bugs.launchpad.net/bugs/1938442 You received this bug notification because you are a member of Ubuntu Translations Coordinators, which is subscribed to Ubuntu Translations. ___ Mailing list: https://launchpad.net/~ubuntu-translations-coordinators Post to : ubuntu-translations-coordinators@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-translations-coordinators More help : https://help.launchpad.net/ListHelp
