redis -- sensitive information leak through command history file

ID FA175F30-8C75-11E6-924A-60A44CE6887B
Type freebsd
Reporter FreeBSD
Modified 2013-11-30T00:00:00


Redis team reports:

The redis-cli history file (in linenoise) is created with the default OS umask value which makes it world readable in most systems and could potentially expose authentication credentials to other users.