2231: Cookie jar is readable by everyone by default
- Fixed
- Review Board
arip*****@gmai***** (Google Code) (Is this you? Claim this profile.) | |
March 17, 2012 |
What version are you running? rbtools 3.2 What's the URL of the page containing the problem? What steps will reproduce the problem? 1. Remove ~/.post-review-cookies.txt 2. Run post-review on a supported repository 3. What is the expected output? What do you see instead? I expect that ~/.post-review-cookies.txt is not world-readable by default. I observe that it is world-readable by default, which could be a small security risk if a user's home directory is world-readable (also the default).