hostapd 0.7.3, and possibly other versions before 1.0, uses 0644
permissions for /etc/hostapd/hostapd.conf, which might allow local users to
obtain sensitive information such as credentials.
Author | Note |
---|---|
jdstrand | per Debian, wpa does not ship a configuration file |