J. Brad Hicks (bradhicks) wrote in logjam,
J. Brad Hicks

~/.logjam unhappiness

I had occasion this morning to manually edit my ~/.logjam/conf.xml preference file. I'm not especially happy about having had to edit it manually, but that was the only way I could get LogJam 4.4.0 to save my default font size for the editor window. I kept setting it to FreeSans 11, and it kept setting itself back to FreeSans 10.

While doing so, I browsed the various other conf.xml files I found, and found something really, really disturbing. I was not expecting to find that my journal's password was saved to clear text. I was even more so not expecting to find the permissions on that file, and every other file inside the .logjam folder, defaulted to 666. The directory itself and all the subdirectories were correctly set to 700, but any user on the same machine who knew my LJ name and who used LogJam themselves could deduce the directory path and open, view, and edit every file in there. I consider that a pretty big bug.

  • Ubuntu 16.04

    LogJam for Xenial please?

  • Ubuntu 15.10

    Cannot install logjam package after upgrading my 64-bit system to Ubuntu 15.10. Any ideas?

  • Help creating a Deadjournal server entry

    Howdy. I have two questions, and the second question probably relates to the first. I don't know what port setting I should input when creating the…

  • Post a new comment


    default userpic
    When you submit the form an invisible reCAPTCHA check will be performed.
    You must follow the Privacy Policy and Google Terms of use.