kdelibs: kate backup file permission leak
| Package(s): | kdelibs kate kwrite | CVE #(s): | CAN-2005-1920 | ||||||||||||||||||||||||||||
| Created: | July 19, 2005 | Updated: | September 21, 2010 | ||||||||||||||||||||||||||||
| Description: | Kate / Kwrite, as shipped with KDE 3.2.x up to including 3.4.0, creates a file backup before saving a modified file. These backup files are created with default permissions, even if the original file had more strict permissions set. See this advisory for more information. | ||||||||||||||||||||||||||||||
| Alerts: |
| ||||||||||||||||||||||||||||||
Posted Sep 21, 2010 17:59 UTC (Tue)
by corymartinez (guest, #70247)
[Link]
Hmm the idea that someone else can read your files by parsing the backup is no that great. Although this can be used perfectly if you are storing the files in a secure location anyway, which is what many people like to do. I've been looking at some paid alternatives such as online storage and Syncing. There are free services among them too, but I won't trust a company with my files if they aren't charging me money for the service. That only means they expect to get their money in other ways which I most probably won't like.
kdelibs: kate backup file permission leak