** Changed in: fedora Importance: Unknown => Undecided ** Changed in: fedora Status: Unknown => New
** Changed in: fedora Remote watch: Red Hat Bugzilla #1985251 => None ** Package changed: fedora => ubuntu-translations ** No longer affects: ubuntu-translations ** Bug watch removed: Red Hat Bugzilla #1985251 https://bugzilla.redhat.com/show_bug.cgi?id=1985251 ** Project changed: hplip => ubuntu-translations ** No longer affects: ubuntu-translations -- You received this bug notification because you are a member of Ubuntu Translations Coordinators, which is subscribed to Ubuntu Translations. Matching subscriptions: Ubuntu Translations bug mail https://bugs.launchpad.net/bugs/1938442 Title: Wrong permissions on ~/.hplip/.gnupg Status in hplip package in Ubuntu: New Status in hplip source package in Bionic: New Status in hplip source package in Focal: New Status in hplip source package in Hirsute: New Status in hplip source package in Impish: New Status in hplip source package in Jammy: New Bug description: [Impact] * The directory ~/.hplip/.gnupg is readable by non-root users * This directory contains only public keys, but should still have the permissions changed to 700 for privacy reasons [Test Case] * Install hplip and run `hp-plugin -i` * ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwxr-xr-x * rm -rf ~/.hplip and install hplip from -proposed * run `hp-plugin -i` again * ls -al ~/.hplip and observe that ~/.hplip/.gnupg has perms drwx------ [Regression Potential] * Because of file permissions becoming more restrictive, it is possible that some other hplip binaries would fail to read the .gnupg directory * To ensure this isn't the case, testing should be done on different hplip use-cases to ensure they still function properly [Original Description] Hi, we have a report in Fedora - https://bugzilla.redhat.com/show_bug.cgi?id=1985251 - where Sergey found out that ~/.hplip/.gnupg directory has permissions 755 instead of 700. Perms 700 prevent accessing the dir by other users, because the dir can contain private keys. However, .gnupg dir contains only a public key used in GPG verification of HP plugin, so the matter isn't that critical, but it is good to have it fixed. The patch is attached. To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/hplip/+bug/1938442/+subscriptions _______________________________________________ Mailing list: https://launchpad.net/~ubuntu-translations-coordinators Post to : ubuntu-translations-coordinators@lists.launchpad.net Unsubscribe : https://launchpad.net/~ubuntu-translations-coordinators More help : https://help.launchpad.net/ListHelp