Bug#305142: world readable apt.conf with proxy passwd
reassign 305142 base-config
retitle 305142 apt-setup creates a world readable apt.conf file
Quoting Matt Zimmerman (email@example.com):
> reassign 305142 debian-installer
> On Mon, Apr 18, 2005 at 10:06:07AM +0200, Alexander Mader wrote:
> > Package: apt
> > Version: 0.5.28.1
> > Severity: grave
> > Tags: security
> > Justification: user security hole
> > During install apt.conf is written; including proxy configuration if
> > needed. The Proxy string is stored in apt.conf but permissions allow
> > group and others to read apt.conf hence to get the proxy password which
> > could even be a real users password.
> This issue belongs to whichever installer component creates the file.
Which happens to be apt-setup from base-config if I'm correct...