[OpenWrt-Devel] Possible security issue
e9hack
e9hack at gmail.com
Fri Apr 17 04:16:30 EDT 2020
Hi,
the configuration files for hostapd (/var/run/hostapd-phyX.conf) are readable for everyone. This means everyone can read the wifi passwords. If a non privileged user calls 'uci show wireless', he will also get all wifi passwords. This possible e.g. for user nobody and dnsmasq.
Is this a a security issue?
Regards,
Hartmut
_______________________________________________
openwrt-devel mailing list
openwrt-devel at lists.openwrt.org
https://lists.openwrt.org/mailman/listinfo/openwrt-devel
More information about the openwrt-devel
mailing list