Bug#305142: CAN-2005-2214: insegure apt-setup

To: 305142@bugs.debian.org
Subject: Bug#305142: CAN-2005-2214: insegure apt-setup
From: Petter Reinholdtsen <pere@hungry.com>
Date: Tue, 12 Jul 2005 13:37:48 +0200
Message-id: <[🔎] 20050712113748.GB22109@saruman.uio.no>
Reply-to: Petter Reinholdtsen <pere@hungry.com>, 305142@bugs.debian.org
In-reply-to: <[🔎] 20050712103021.GA6897@kitenet.net>
References: <[🔎] 20050712053142.GB9098@finlandia.infodrom.north.de> <[🔎] 20050712103021.GA6897@kitenet.net>

[Joey Hess]
> The only real solution to this bug is to remove support for
> passwords in the proxy setting. Making the file mode 600 by default,
> or even only if a password is present cripples the system for
> regular users by breaking apt-get source and hardly makes it anymore
> secure anyway.

An option is to only support the http_proxy and ftp_proxy environment
variables, but this is painful in other ways (bug #123144).

Another option is to move the proxy settings to a separate file and
read this file too.

Reply to:

References:
- Bug#305142: CAN-2005-2214: insegure apt-setup
  - From: Martin Schulze <joey@infodrom.org>
- Bug#305142: CAN-2005-2214: insegure apt-setup
  - From: Joey Hess <joeyh@debian.org>

Prev by Date: Re: S/390 install cd image?
Next by Date: Bug#261929: Fwd: #261929 - Can't use tasksel to install multi l10n tasks
Previous by thread: Bug#305142: CAN-2005-2214: insegure apt-setup
Next by thread: Bug#260815: marked as done (efi-reader - installs files into etc/rcS.d)
Index(es):
- Date
- Thread