Jreiber

**Name of the Vulnerable Software and Affected Versions** Planet versions prior to 2.0.1 **Description** The issue concerns the permissions of a secret file that stores the user's Planet API authentication information. This file should only be accessible by the user, but due to incorrect permissions, it was also readable by the user's group and non-group members. The problem was resolved in version 2.0.1. **Recommendations** For versions prior to 2.0.1, set the secret file permissions to only user read/write by hand using the command `chmod 600 ~/.planet.json`.