The mosquitto.db file is world readable. This obviously makes it possible for every local user to read the topic database and values at any given time (permission rw-r--r--).
A security vulnerability such as this may prove disastrous to sensitive or secret data that can be contained within it.
Mitigation will be scoping the permission scheme to a specific user that is running the mosquitto service.
Tested on an up-to-date Raspberry Pi 3 with the latest release of mosquitto.
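A check for the condition reported above, added here as an example and not part of the original issue or the Mosquitto project: it flags a persistence file that grants group or other access or is not owned by the service account, and can tighten the mode to owner-only. The file path and the account name are assumptions passed as arguments; the function names are hypothetical.

```shell
#!/bin/sh
# Added example: audit and tighten the mode of a Mosquitto persistence file.
# Path and service account are assumptions; pass your own as arguments.

# Print the 10-character mode string of a file, e.g. -rw-r--r--
db_mode() {
    ls -ld -- "$1" | cut -c1-10
}

# Print the owning user name of a file.
db_owner() {
    ls -ld -- "$1" | awk '{print $3}'
}

# Return 0 if only the owner has access, 1 if any group/other bit is set,
# 2 if the file does not exist.
db_is_private() {
    [ -e "$1" ] || return 2
    case "$(db_mode "$1")" in
        ????------) return 0 ;;
        *)          return 1 ;;
    esac
}

# audit_db FILE USER: print findings; return 0 only when nothing is wrong.
audit_db() {
    file=$1 user=$2 rc=0
    if [ ! -e "$file" ]; then echo "MISSING $file"; return 2; fi
    if ! db_is_private "$file"; then
        echo "FINDING $file mode $(db_mode "$file") grants group/other access"
        rc=1
    fi
    if [ "$(db_owner "$file")" != "$user" ]; then
        echo "FINDING $file owned by $(db_owner "$file"), expected $user"
        rc=1
    fi
    [ "$rc" -eq 0 ] && echo "OK $file"
    return "$rc"
}

# harden_db FILE: restrict to owner read/write, then confirm the result.
harden_db() {
    chmod 600 -- "$1" && db_is_private "$1"
}

# Usage: sh check_db.sh <path-to-mosquitto.db> <service-user>
if [ "$#" -eq 2 ]; then audit_db "$1" "$2"; fi
```

A chmod only fixes the file that exists now; if the file is recreated, its mode comes from the creating process's umask, so rerun the audit afterwards.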