FreeBSD : mozilla -- insecure permissions for some downloaded files (a77849a5-696f-11d9-ae49-000c41e2cdad)
High Nessus Plugin ID 19066
SynopsisThe remote FreeBSD host is missing one or more security-related updates.
DescriptionIn a Mozilla bug report, Daniel Kleinsinger writes :
I was comparing treatment of attachments opened directly from emails on different platforms. I discovered that Linux builds save attachments in /tmp with world readable rights. This doesn't seem like a good thing. Couldn't someone else logged onto the same machine read your attachments?
This could expose the contents of downloaded files or email attachments to other users on a multi-user system.
SolutionUpdate the affected packages.