|
|
|
|
|
|
by sveiss
1795 days ago
|
|
|
Definitely a bug. The Unix equivalent would be a package update silently making /etc/shadow world readable, exposing the hashed passwords of local users. Not a big deal for a single user machine — there’s nothing you can do with this that you can’t do some other way as a local admin/root — but not good if you have untrusted, non-admin user accounts. |
|
|