[bug #57766] Remove group-write permission from ~/.wget-hsts file

bug-wget

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug #57766] Remove group-write permission from ~/.wget-hsts file

From:	Jon Beilke
Subject:	[bug #57766] Remove group-write permission from ~/.wget-hsts file
Date:	Fri, 7 Feb 2020 12:16:11 -0500 (EST)
User-agent:	Mozilla/5.0 (Macintosh; Intel Mac OS X 10_14_0) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/79.0.3945.130 Safari/537.36

URL:
  <https://savannah.gnu.org/bugs/?57766>

                 Summary: Remove group-write permission from ~/.wget-hsts file
                 Project: GNU Wget
            Submitted by: jrbeilke
            Submitted on: Fri 07 Feb 2020 11:16:09 AM CST
                Category: Feature Request
                Severity: 3 - Normal
                Priority: 5 - Normal
                  Status: None
                 Privacy: Public
             Assigned to: None
         Originator Name: 
        Originator Email: 
             Open/Closed: Open
         Discussion Lock: Any
                 Release: trunk
        Operating System: GNU/Linux
         Reproducibility: Every Time
           Fixed Release: None
         Planned Release: None
              Regression: None
           Work Required: None
          Patch Included: None

    _______________________________________________________

Details:

Working on improving the security of our Linux systems and one of the
recommendations is to ensure user dot files are not group or world writable
(CIS DIL 6.2.10), but wget generates the .wget-hsts file for users with group
write permissions.

Here's an example from a fresh Ubuntu 18.04.4 system with wget 1.19.4:
$ ls -al
total 40
drwxr-xr-x 6 vagrant vagrant 4096 Feb  7 17:04 .
drwxr-xr-x 4 root    root    4096 Feb  7 17:03 ..
-rw-r--r-- 1 vagrant vagrant  220 Jan 31 15:58 .bash_logout
-rw-r--r-- 1 vagrant vagrant 3771 Jan 31 15:58 .bashrc
drwx------ 2 vagrant vagrant 4096 Feb  7 17:03 .cache
drwx------ 3 vagrant vagrant 4096 Feb  7 17:03 .gnupg
-rw-r--r-- 1 vagrant vagrant  807 Jan 31 15:58 .profile
drwx------ 2 vagrant vagrant 4096 Feb  7 17:03 .ssh
-rw-rw-r-- 1 vagrant vagrant  165 Feb  7 17:04 .wget-hsts

Is there a specific wget feature/functionality that requires the .wget-hsts
file be writable by the group?

If not can the file be generated with 644 permissions instead?




    _______________________________________________________

Reply to this item at:

  <https://savannah.gnu.org/bugs/?57766>

_______________________________________________
  Message sent via Savannah
  https://savannah.gnu.org/

[Prev in Thread]

Current Thread

[Next in Thread]

[bug #57766] Remove group-write permission from ~/.wget-hsts file, Jon Beilke <=
- [bug #57766] Remove group-write permission from ~/.wget-hsts file, Tim Ruehsen, 2020/02/07
  - [bug #57766] Remove group-write permission from ~/.wget-hsts file, Jon Beilke, 2020/02/07
    - [bug #57766] Remove group-write permission from ~/.wget-hsts file, Jon Beilke, 2020/02/07
- Re: [bug #57766] Remove group-write permission from ~/.wget-hsts file, L A Walsh, 2020/02/09

Prev by Date: Re: wget GET vs HEAD
Next by Date: [bug #57766] Remove group-write permission from ~/.wget-hsts file
Previous by thread: wget GET vs HEAD
Next by thread: [bug #57766] Remove group-write permission from ~/.wget-hsts file
Index(es):
- Date
- Thread