.csearchindex is world-readable

vrajanap / codesearch

Automatically exported from code.google.com/p/codesearch

BSD 3-Clause "New" or "Revised" License

0 stars 0 forks source link

.csearchindex is world-readable #32

Closed GoogleCodeExporter closed 9 years ago

GoogleCodeExporter commented 9 years ago

The file .csearchindex is by word-readable by default. This might be a security 
issue because it may allow an attacker to get pieces of information about files 
it cannot read, such as filenames of files in directories that are not world 
readable or reconstructed contents of files that are not world readable.

I could provide a patch, although I believe this is easy to fix.

Original issue reported on code.google.com by fuz...@gmail.com on 26 Aug 2013 at 9:30

GoogleCodeExporter commented 9 years ago

This issue was closed by revision 3de5a76ef32a.

Original comment by rsc@swtch.com on 6 Sep 2013 at 8:06

Changed state: Fixed