[原文]readline prior to 4.1, in OpenBSD 2.8 and earlier, creates history files with insecure permissions, which allows a local attacker to recover potentially sensitive information via readline history files.
OpenBSD contains a flaw that may allow a malicious user to obtain sensitive information. The problem is that the readline library creates history files with insecure permissions. This may result in a loss of confidentiality and/or integrity.
Currently, there are no known workarounds or upgrades to correct this issue. However, OpenBSD has released a patch to address this vulnerability.