Skip to content
This repository

World readable cookie.db #77

mason-larobina opened this Issue April 24, 2012 · 2 comments

3 participants

Mason Larobina Yuriy Melnyk Plaque FCC
Mason Larobina

Find an appropriate way to change the permissions on the $XDG_{CACHE,CONFIG,DATA}_DIR/luakit dirs to prevent other users peeking at a users cookies.db and other sensitive data (I.e. form data).

Yuriy Melnyk
ymln commented August 01, 2012

Doesn't seem like Luakit's problem to me. My home directory in Arch Linux has permissions 700 by default, so nobody(except root and me) can access anything there anyway. It is like that in most distributions, but Ubuntu, for some reason, has 755 by default.

As for other browsers, some of them set their config directory permissions to 700(Firefox and Chromium), some of them don't(dwb).

Plaque FCC

Let us be paranoid enough now than lost later. ;D

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Something went wrong with that request. Please try again.