Bug#46857: apt: If source URI contains password, the password is printed on the screen during fetches

To: Adam Heath <doogie@debian.org>
Cc: 46857@bugs.debian.org
Subject: Bug#46857: apt: If source URI contains password, the password is printed on the screen during fetches
From: "KORN Andras" <korn@chardonnay.math.bme.hu>
Date: Fri, 8 Oct 1999 11:21:01 +0200
Message-id: <[🔎] 19991008112101.B774@utopia>
Reply-to: "KORN Andras" <korn@chardonnay.math.bme.hu>, 46857@bugs.debian.org
In-reply-to: <[🔎] Pine.LNX.3.96.991007130404.17377C-100000@doogie.private.novare.net>
References: <[🔎] 19991007150314.32361.qmail@chardonnay.math.bme.hu> <[🔎] Pine.LNX.3.96.991007130404.17377C-100000@doogie.private.novare.net>

On Thu, Oct 07, 1999 at 01:05:42PM -0500, Adam Heath wrote:

> It is even worse.  sources.list has to be world readable, so that normal users
> can run apt-get source.

Another possible approach would be to make sources.list owned by, say,
root.apt, mode 640, and make apt-get setgid apt.

I'm not sure this would be a good solution.

Andrew

-- 
  Andrew Korn (Korn Andras) <korn@eik.bme.hu>  http://goliat.eik.bme.hu/~korn
    Finger korn@goliat.eik.bme.hu for pgp key.  Homepage is obsolete. QOTD:
                Anything that kills you makes you...well, dead.

Reply to:

References:
- Bug#46857: apt: If source URI contains password, the password is printed on the screen during fetches
  - From: KORN Andras <korn@chardonnay.math.bme.hu>
- Bug#46857: apt: If source URI contains password, the password is printed on the screen during fetches
  - From: Adam Heath <doogie@debian.org>

Prev by Date: Bug#46961: apt: apt-get reinstall
Next by Date: boot floppies 2.2.0 expected within 72 hours
Previous by thread: Bug#46857: apt: If source URI contains password, the password is printed on the screen during fetches
Next by thread: Re: Bug#46857: apt: If source URI contains password, the password is printed on the screen during fetches
Index(es):
- Date
- Thread