Re: midnight commander vulnerability(?)

From: Thomas Biege (thomasat_private)
Date: Wed Aug 18 1999 - 03:48:05 PDT


    Hi,
    
    > privileges of $HOME/.mc/ are default rwx-rx--rx-
    > if anyone has used built in mc ftp-client and has put link like:
    > password:userat_private, in file
    > history in folder $HOME/.mc/ is stored in a key in '[inp FTP to machine ]'
    > tree.
    
    The current version (4.5.37) of mc that is used by SuSE creates
    the history file mode 600 independently of the umask.
    
    Nevertheless, I think it's very bad behavior to record account
    information, because it could be used by a cracker to gain access
    to more sites.
    The authors of mc should disable recording this kind of stuff.
    
    
    Bye,
         Thomas
    --
      Thomas Biege, SuSE GmbH, Schanzaeckerstr. 10, 90443 Nuernberg
      E@mail: thomasat_private      Function: Security Support & Auditing
      "lynx -source http://www.suse.de/~thomas/thomas.pgp | pgp -fka"
      Key fingerprint = E3 42 DA D1 3B 9C 23 D0  93 1F B8 2E 6B 9A 45 82
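
Added example, not part of the original message and not mc's own code: one way a program can create a per-user history file with mode 600 independently of the umask, the behaviour described above for mc 4.5.37. The names `open_private` and `mode_after_open` and the scratch path under /tmp are hypothetical.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Open (creating if needed) a per-user file, forced to mode 0600; -1 on error. */
int open_private(const char *path)
{
    struct stat st;
    /* O_NOFOLLOW: refuse a symlink planted at the final path component. */
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW, 0600);
    if (fd < 0)
        return -1;
    /* open()'s mode argument is filtered by the umask and ignored when the
     * file already exists, so set the mode on the descriptor explicitly. */
    if (fstat(fd, &st) != 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || fchmod(fd, S_IRUSR | S_IWUSR) != 0) {
        close(fd);
        return -1;
    }
    return fd;
}

/* Demo on a constructed scratch file; returns the resulting mode bits or -1. */
int mode_after_open(mode_t mask, mode_t pre)
{
    char dir[] = "/tmp/privdemoXXXXXX", path[64];
    struct stat st;
    int fd, result = -1;
    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(path, sizeof path, "%s/history", dir);
    mode_t old = umask(0);
    if (pre != 0 && (fd = open(path, O_WRONLY | O_CREAT, pre)) >= 0)
        close(fd);                /* pre-existing file with loose mode */
    umask(mask);
    fd = open_private(path);
    umask(old);
    if (fd >= 0 && fstat(fd, &st) == 0)
        result = (int)(st.st_mode & 07777);
    if (fd >= 0)
        close(fd);
    unlink(path);
    rmdir(dir);
    return result;
}

int main(void) { printf("%04o\n", (unsigned)mode_after_open(0777, 0644)); return 0; }
```

This only restricts who can read the file; credentials written into it are still stored in clear text.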
    


