skx / pam_pwnd

A PAM module to test passwords against previous leaks at haveibeenpwned.com
https://blog.steve.fi/tags/haveibeenpwned/
BSD 2-Clause "Simplified" License

Temporary file will be world readable #7

Closed patrobinson closed 5 years ago

patrobinson commented 5 years ago

Assuming the default umask (022), the temporary file used to store the rest of the hash will be world readable, allowing non-root users to access it.
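The permission difference described in this report, as an added example that is not code from pam_pwnd or from the commenter: it creates one file the umask-dependent way and one with `mkstemp()`, and returns the resulting mode bits. The `/tmp/pwnd-demo-*` paths and function names are constructed for the demonstration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Permission bits of an open descriptor, or -1 on error. */
static int mode_of(int fd) {
    struct stat st;
    return fstat(fd, &st) == 0 ? (int)(st.st_mode & 0777) : -1;
}

/* Weak: request 0666 (what fopen(path, "w") asks for) and let the umask
 * trim it. Under umask 022 the result is 0644, readable by every user. */
int weak_tempfile_mode(void) {
    char path[64];                      /* constructed demo path */
    mode_t old = umask(022);            /* the default the issue assumes */
    snprintf(path, sizeof path, "/tmp/pwnd-demo-%ld", (long)getpid());
    int fd = open(path, O_CREAT | O_EXCL | O_WRONLY, 0666);
    int mode = fd >= 0 ? mode_of(fd) : -1;
    if (fd >= 0) { close(fd); unlink(path); }
    umask(old);
    return mode;
}

/* Hardened: mkstemp() picks a unique name, opens with O_EXCL and creates
 * the file 0600, so a permissive umask cannot widen access. */
int private_tempfile_mode(void) {
    char path[] = "/tmp/pwnd-demo-XXXXXX";
    mode_t old = umask(022);            /* same umask as the weak case */
    int fd = mkstemp(path);
    int mode = -1;
    if (fd >= 0) {
        fchmod(fd, S_IRUSR | S_IWUSR);  /* explicit 0600 for older libcs */
        mode = mode_of(fd);
        close(fd);
        unlink(path);
    }
    umask(old);
    return mode;
}

int main(void) {
    printf("0666 under umask 022: %04o\n", (unsigned)weak_tempfile_mode());
    printf("mkstemp():            %04o\n", (unsigned)private_tempfile_mode());
    return 0;
}
```

Checking `st_mode` on the descriptor with `fstat()` rather than on the path avoids racing with anything else that touches the name between creation and the check.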