Learn more about these different git repos.
Other Git URLs
conf/config.py:139 (KRB_AUTH_CCACHE_FILE) defines a static cache file for krb5 tickets. Unless you make sure that the file does not already exist or is owned by the service user with sufficiently closed permissions, this might leak permissions to another user. Please either use a tempfile.mkstemp()'d file here, or do not set this option by default and do not set a ccache file unless the admin tells you to explicitly.
Metadata Update from @jkaluza: - Issue assigned to jkaluza
https://pagure.io/freshmaker/pull-request/179
@puiterwijk maybe this is off-topic, I'd like to ask if memory ccache could be safer?
Metadata Update from @jkaluza: - Issue close_status updated to: Fixed - Issue status updated to: Closed (was: Open)
@cqi it would be safer, yes. (well, normally... :)).
Login to comment on this ticket.