Bug#148466: marked as done (apt requires apt.conf to be readable for non-root usage)

To: Thomas Hood <jdthood@yahoo.co.uk>
Cc: APT Development Team <deity@lists.debian.org>
Subject: Bug#148466: marked as done (apt requires apt.conf to be readable for non-root usage)
From: owner@bugs.debian.org (Debian Bug Tracking System)
Date: Mon, 07 Jul 2003 06:18:26 -0500
Message-id: <[🔎] handler.148466.D148466.10575766539119.ackdone@bugs.debian.org>
In-reply-to: <1057576641.2687.1416.camel@thanatos>
References: <1057576641.2687.1416.camel@thanatos> <20020529095126.GA32214@xanadu.internal.gyre.co.uk>

Your message dated 07 Jul 2003 13:17:21 +0200
with message-id <1057576641.2687.1416.camel@thanatos>
and subject line #148466 not a bug
has caused the attached Bug report to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

--------------------------------------
Received: (at submit) by bugs.debian.org; 29 May 2002 09:51:30 +0000
>From mwk@gyre.co.uk Wed May 29 04:51:30 2002
Return-path: <mwk@gyre.co.uk>
Received: from pling.qwghlm.org [193.122.42.66] 
	by master.debian.org with esmtp (Exim 3.12 1 (Debian))
	id 17D078-0007DD-00; Wed, 29 May 2002 04:51:30 -0500
Received: from localhost ([127.0.0.1] helo=gomorrah.internal.gyre.co.uk)
	by pling.qwghlm.org with esmtp (Exim 3.35 #1 (Debian))
	id 17D075-0005x0-00; Wed, 29 May 2002 10:51:27 +0100
Received: from xanadu.internal.gyre.co.uk ([192.168.0.2])
	by gomorrah.internal.gyre.co.uk with esmtp (Exim 3.35 #1 (Debian))
	id 17D074-0001J6-00; Wed, 29 May 2002 10:51:26 +0100
Received: from mwk by xanadu.internal.gyre.co.uk with local (Exim 3.35 #1 (Debian))
	id 17D074-0008Q4-00; Wed, 29 May 2002 10:51:26 +0100
Date: Wed, 29 May 2002 10:51:26 +0100
From: Matt Kern <matt.kern@undue.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: apt requires apt.conf to be readable for non-root usage
Message-ID: <20020529095126.GA32214@xanadu.internal.gyre.co.uk>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
User-Agent: Mutt/1.3.28i
X-Reportbug-Version: 1.50
Sender: Matt Kern <mwk@xanadu.internal.gyre.co.uk>
Delivered-To: submit@bugs.debian.org

Package: apt
Version: 0.5.4
Severity: normal
Tags: security

If you run 'apt-cache search <package>' without read access to
apt.conf, apt bails.  While I understand that there are important
options in this file that might be needed in order for apt to function
properly, in my experience (maybe others?) the most common option in
this file is to add an http/ftp proxy together with a username and
password if the proxy requires one.

If you need to supply a username and password you can either:
  -- allow the username and password to be world readable
  -- prevent users from using apt by securing apt.conf

The first option is no-go on some networks.  The second option annoys
the clued-up users.

Perhaps apt could fall back to a different configuration file (without
the secure information) or use its defaults if apt is run without read
permissions on apt.conf?

Matt

-- System Information
Debian Release: 3.0
Architecture: i386
Kernel: Linux xanadu 2.4.19pre7ac3 #2 SMP Wed May 1 16:43:50 BST 2002 i686
Locale: LANG=C, LC_CTYPE=C

Versions of packages apt depends on:
ii  libc6                         2.2.5-6    GNU C Library: Shared libraries an
ii  libstdc++2.10-glibc2.2        1:2.95.4-7 The GNU stdc++ library

-- 
Matt Kern
http://www.undue.org/

---------------------------------------
Received: (at 148466-done) by bugs.debian.org; 7 Jul 2003 11:17:33 +0000
>From jdthood@yahoo.co.uk Mon Jul 07 06:17:23 2003
Return-path: <jdthood@yahoo.co.uk>
Received: from mars.mj.nl [81.91.1.49] 
	by master.debian.org with smtp (Exim 3.35 1 (Debian))
	id 19ZTzn-0002MQ-00; Mon, 07 Jul 2003 06:17:23 -0500
Received: (qmail 6941 invoked from network); 7 Jul 2003 11:17:22 -0000
Received: from 81-91-5-95-customer.mjdsl.nl (HELO thanatos.localdomain) (81.91.5.95)
  by www.mj.nl with SMTP; 7 Jul 2003 11:17:22 -0000
Received: from localhost (localhost [127.0.0.1])
	by thanatos.localdomain (Postfix) with ESMTP id D30B210D605
	for <148466-done@bugs.debian.org>; Mon,  7 Jul 2003 13:17:21 +0200 (CEST)
Subject: #148466 not a bug
From: Thomas Hood <jdthood@yahoo.co.uk>
To: 148466-done@bugs.debian.org
Content-Type: text/plain
Message-Id: <1057576641.2687.1416.camel@thanatos>
Mime-Version: 1.0
X-Mailer: Ximian Evolution 1.4.0 
Date: 07 Jul 2003 13:17:21 +0200
Content-Transfer-Encoding: 7bit
Delivered-To: 148466-done@bugs.debian.org
X-Spam-Status: No, hits=-2.0 required=4.0
	tests=BAYES_01,USER_AGENT_XIMIAN
	version=2.53-bugs.debian.org_2003_06_27
X-Spam-Level: 
X-Spam-Checker-Version: SpamAssassin 2.53-bugs.debian.org_2003_06_27 (1.174.2.15-2003-03-30-exp)

#148466 is not a bug.  However, the situation described here
might call for an enhancement.  If so, then this report might
be reopened at severity wishlist and details provided of the
proposed enhancement.

Reply to:

Prev by Date: Processed: severity 187889 minor
Next by Date: Processed: retitle with more detail
Previous by thread: Processed: severity 187889 minor
Next by thread: Processed: retitle with more detail
Index(es):
- Date
- Thread