Python keyring lib before 0.10 created keyring files with world-readable permissions.
[
{
"product": "Python keyring lib",
"vendor": "Python keyring lib",
"versions": [
{
"status": "affected",
"version": "0.10"
}
]
}
]
www.openwall.com/lists/oss-security/2012/11/27/3
bitbucket.org/kang/python-keyring-lib/commits/049cd181470f1ee6c540e1d64acf1def7b1de0c1
bitbucket.org/kang/python-keyring-lib/issue/67/set-go-rwx-on-keyring_passcfg
bugzilla.redhat.com/show_bug.cgi?id=CVE-2012-5577
security-tracker.debian.org/tracker/CVE-2012-5577