[clug] Skype Linux Reads Password and Firefox Profile

Alex Satrapa grail at goldweb.com.au
Mon Aug 27 01:56:41 GMT 2007

On 27/08/2007, at 07:01 , Chris Smart wrote:

> "Users of Skype for Linux have just found out that it reads the files
> /etc/passwd, firefox profile, plugins, addons, etc, and many other
> unnecessary files in /etc.

"Any sufficiently advanced incompetence is indistinguishable from  

Now strace "ls -l /home". OMG! It looks up /etc/passwd! Why on Earth  
is ls looking up a file it has no reason to be looking at? Oh hang  
on... maybe ls is just calling "getpwnam" to get some details about  
the current user (such as, for example, the "GECOS" field to find the  
full name "Jo User" rather than referring to the user as "juser"),  
and it's actually "getpwnam" that's doing the fopen on /etc/passwd?

Since you're not running Skype as an admnistrative user (or even as a  
user with sudo privileges), you've got nothing to worry about, right?

As for the *real* reasons for not using Skype - it's peer to peer,  
and will route calls through unrelated nodes simply because the  
bandwidth exists to do so. So if you're connected through a 1Mbps  
connection you'll end up routing calls for other people you don't  
know. Altruism aside, can you afford to have all this extra traffic  
routed through your Internet connection?


More information about the linux mailing list