pan-users
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Pan-users] Re: Connections [Is it hiding a security hole?]


From: David Shochat
Subject: Re: [Pan-users] Re: Connections [Is it hiding a security hole?]
Date: Sat, 16 Aug 2008 19:50:29 -0400
User-agent: Thunderbird 2.0.0.16 (X11/20080724)

Timothy J. Hamilton wrote:

I tried editing servers.xml as root. No help. I changed permissions and

ownership. Setting owner as forbidden to write & setting ownership of the file

to root.

On startup both times, Pan acted as if it were a new install. Entries in the

edited servers.xml were removed.

It would seem that somewhere Pan is not respecting *nix file ownership settings

and permissions at least when it comes to servers.xml.

servers.xml is in .pan2. So as long as you have write access to .pan2 (which would normally be the case), pan could, if it wanted to, delete servers.xml, no matter what its ownership/permissions might be, and re-create it. I do not know that pan does this nor why it would want to; I'm just saying that nothing would prevent it from doing that. Deleting a file requires only write-access to the directory containing it.
-- David





reply via email to

[Prev in Thread] Current Thread [Next in Thread]