[clug] Skype Linux Reads Password and Firefox Profile
bnc at astronomicalresearchaustralia.org
Thu Aug 30 08:11:20 GMT 2007
Further to this I did a TCP trace and found
I did a, netstat -vep command and in part got;
Proto Recv-Q Send-Q Local Address Foreign Address
State User Inode
tcp 0 0 compname:58407 188.8.131.52:33033
TIME_WAIT root 0
What is concerning me is that the user is root!
I have installed skype in the normal manner with SMART.
Skype establishes two ports with my userid and the above one with root.
Can anyone else see the same?
Rainer Klein wrote:
>> In case some people don't read slashdot..
>> "Users of Skype for Linux have just found out that it reads the files
>> /etc/passwd, firefox profile, plugins, addons, etc, and many other
>> unnecessary files in /etc. This fact was originally discovered by using
>> AppArmor, but others have confirmed this fact using strace on versions
>> 184.108.40.206 and 220.127.116.11. What is going on? This probably shows how
>> important it is to use AppArmor in any closed-source application in
>> Linux to restrict any undue access to your files."
>> I never trusted that software (from the makers of mega-spyware Kazaa)
>> and use Ekiga myself :)
> The topic has been taken up by 'The Inquierer' (see link).
More information about the linux