~emersion/soju#243: sqlite3 database file world readable with clear text passwords in it — sourcehut todo

~emersion/soju#243:

sqlite3 database file world readable with clear text passwords in it

I noticed that the default sqlite3 database file (/var/lib/soju/main.db) by default is globally readable (644). This surprised me as it contains sensitive data such as clear text nickserv passwords. Shouldn't this be locked down to the soju user (600)?

Status: REPORTED
Submitter: ~kinghrothgar
Assigned to: No-one
Submitted: a month ago
Updated: a month ago
Labels: bug db

~emersion a month ago

Indeed, this is an oversight.

~emersion added bug a month ago

~emersion added db a month ago

Register here or Log in to comment, or comment via email.