Bug#682608: Fix

To: Gaudenz Steinlin <gaudenz@debian.org>, 682608@bugs.debian.org
Cc: chuck adams <chuck.adams.k7qo@gmail.com>
Subject: Bug#682608: Fix
From: Julien Cristau <jcristau@debian.org>
Date: Mon, 27 Aug 2012 19:03:48 +0200
Message-id: <[🔎] 20120827170348.GM5484@radis.cristau.org>
Reply-to: Julien Cristau <jcristau@debian.org>, 682608@bugs.debian.org
In-reply-to: <[🔎] 87r4qsd91d.fsf@meteor.durcheinandertal.bofh>
References: <[🔎] 1345992709.3286.7.camel@cooler> <[🔎] 87r4qsd91d.fsf@meteor.durcheinandertal.bofh>

On Mon, Aug 27, 2012 at 10:38:22 +0200, Gaudenz Steinlin wrote:

> 
> Hi
> 
> chuck adams <chuck.adams.k7qo@gmail.com> writes:
> 
> > Using the suggested comment that /etc/network/interfaces needed lines
> > commented out, I went to a working system and compared the interfaces
> > file.
> >
> > In the installation using the wireless interface the interfaces
> > file contained a serious security violation as shown here:
> >
> > # The primary network interface
> > allow-hotplug wlan0
> > iface wlan0 inet dhcp
> > 	wpa-ssid NETGEAR
> > 	wpa-psk  wittyflower875
> >
> >
> > In that the file contains, in plain ASCII text,
> > the ssid and password for the network and the file
> > is viewable by all users.
> 
> Does anyone know if it's really necessary that /etc/network/interfaces
> is world readable? Or could this file set to mode 0600 by d-i if it
> contains any sensitive information?
> 
0600 works fine, last I checked.

Cheers,
Julien

Attachment: signature.asc
Description: Digital signature

Reply to:

References:
- Bug#682608: Fix
  - From: chuck adams <chuck.adams.k7qo@gmail.com>
- Bug#682608: Fix
  - From: Gaudenz Steinlin <gaudenz@debian.org>

Prev by Date: Bug#686021: tasksel: Should not need perl
Next by Date: Bug#686008: marked as done (Evolution: [INTL:pt_BR] Brazilian Portuguese debconf templates translation)
Previous by thread: Bug#682608: Fix
Next by thread: installation-guide_20120826_amd64.changes is NEW
Index(es):
- Date
- Thread