Bug 955384 - Default permissions of /etc/prosody/* are weak
Summary: Default permissions of /etc/prosody/* are weak
Status: CLOSED ERRATA
Alias: None
Product: Fedora EPEL
Classification: Fedora
Component: prosody
Version: el6
Hardware: All
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Johan Cwiklinski
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Keywords:
Depends On:
Blocks: 955780
TreeView+ depends on / blocked
 
Reported: 2013-04-22 23:36 UTC by Robert Scheck
Modified: 2013-10-02 06:52 UTC (History)
3 users (show)

(edit)
Clone Of:
(edit)
Last Closed: 2013-05-15 19:43:52 UTC

Attachments (Terms of Use)
Patch suggestion for prosody.spec to harden /etc/prosody/* (1020 bytes, patch)
2013-04-22 23:38 UTC, Robert Scheck 		no flags Details | Diff
Add an attachment (proposed patch, testcase, etc.)

Description Robert Scheck 2013-04-22 23:36:59 UTC 
Description of problem:
The default permissions of /etc/prosody/* are weak. If I would put any of
my database connection data into the default configuration file (which is
expected) then these login credentials could be read by everybody on this
local system.

Version-Release number of selected component (if applicable):
prosody-0.8.2-5.el6.x86_64

How reproducible:
Everytime, just set up a plain prosody and have a look to the permissions.

Actual results:
The default permissions of /etc/prosody/* are weak.

Expected results:
More hardend default permissions of /etc/prosody/*.

Additional info:
This issue affects all Fedora and EPEL branches! Please apply the attached
patch or better.
Comment 1 Robert Scheck 2013-04-22 23:38:22 UTC 
Created attachment 738726 [details]
Patch suggestion for prosody.spec to harden /etc/prosody/*
Comment 2 Fedora Update System 2013-04-27 22:44:50 UTC 
prosody-0.8.2-8.fc18 has been submitted as an update for Fedora 18.
https://admin.fedoraproject.org/updates/prosody-0.8.2-8.fc18
Comment 3 Fedora Update System 2013-04-27 22:45:14 UTC 
prosody-0.8.2-6.el6 has been submitted as an update for Fedora EPEL 6.
https://admin.fedoraproject.org/updates/prosody-0.8.2-6.el6
Comment 4 Fedora Update System 2013-04-27 22:45:39 UTC 
prosody-0.8.2-6.fc17 has been submitted as an update for Fedora 17.
https://admin.fedoraproject.org/updates/prosody-0.8.2-6.fc17
Comment 5 Fedora Update System 2013-04-27 22:56:08 UTC 
prosody-0.8.2-9.el5 has been submitted as an update for Fedora EPEL 5.
https://admin.fedoraproject.org/updates/prosody-0.8.2-9.el5
Comment 6 Fedora Update System 2013-04-28 18:31:38 UTC 
prosody-0.8.2-9.el5 has been pushed to the Fedora EPEL 5 testing repository.
Comment 7 Fedora Update System 2013-05-15 19:43:52 UTC 
prosody-0.8.2-9.el5 has been pushed to the Fedora EPEL 5 stable repository.
Comment 8 Fedora Update System 2013-05-29 17:33:34 UTC 
prosody-0.8.2-6.el6 has been pushed to the Fedora EPEL 6 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 9 Fedora Update System 2013-05-30 03:02:15 UTC 
prosody-0.8.2-8.fc18 has been pushed to the Fedora 18 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 10 Fedora Update System 2013-05-30 03:07:41 UTC 
prosody-0.8.2-6.fc17 has been pushed to the Fedora 17 stable repository.  If problems still persist, please make note of it in this bug report.
Comment 11 Fedora Update System 2013-09-18 21:32:21 UTC 
prosody-0.8.2-10.fc19 has been submitted as an update for Fedora 19.
https://admin.fedoraproject.org/updates/prosody-0.8.2-10.fc19
Comment 12 Fedora Update System 2013-10-02 06:52:31 UTC 
prosody-0.8.2-10.fc19 has been pushed to the Fedora 19 stable repository.  If problems still persist, please make note of it in this bug report.
Note You need to log in before you can comment on or make changes to this bug.