Hi, > privileges of $HOME/.mc/ are default rwx-rx--rx- > if anyone has used built in mc ftp-client and has put link like: > password:userat_private, in file > history in foledr $HOME/.mc/ is stored in a key in '[inp FTP to machine > ]' > tree. The current version (4.5.37) of mc, that is used by SuSE creates the history file mode 600 independently of the umask. Nevertheless, I think it's a very bad behavior to record account informations, because it could be used by a cracker to gain access to more sites. The authors of mc should disable recording these kind of stuff. Bye, Thomas -- Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg E@mail: thomasat_private Function: Security Support & Auditing "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka" Key fingerprint = E3 42 DA D1 3B 9C 23 D0 93 1F B8 2E 6B 9A 45 82
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:57:17 PDT