1 Mar
2018
1 Mar
'18
09:42
http://bugzilla.opensuse.org/show_bug.cgi?id=1082822
http://bugzilla.opensuse.org/show_bug.cgi?id=1082822#c5
--- Comment #5 from Andreas Stieger
This is no security risc, because with root:root you can not use this plugin. Apache must have write rights to save and generate keys. With root:root apache can not do this.
Are you sure? The vulnerability is about remote attackers reading confidential files due to them being web readable and in the web tree, which is the case here. -- You are receiving this mail because: You are on the CC list for the bug.