[asterisk-bugs] [Asterisk 0012373]: astgenkey creates world-readable private keys

noreply at bugs.digium.com noreply at bugs.digium.com
Sun Apr 6 10:09:38 CDT 2008


A NOTE has been added to this issue. 
====================================================================== 
http://bugs.digium.com/view.php?id=12373 
====================================================================== 
Reported By:                lmamane
Assigned To:                
====================================================================== 
Project:                    Asterisk
Issue ID:                   12373
Category:                   Utilities/General
Reproducibility:            always
Severity:                   minor
Priority:                   normal
Status:                     new
Asterisk Version:           1.4.19 
SVN Branch (only for SVN checkouts, not tarball releases): N/A 
SVN Revision (number only!):  
Disclaimer on File?:        N/A 
Request Review:              
====================================================================== 
Date Submitted:             04-06-2008 07:25 CDT
Last Modified:              04-06-2008 10:09 CDT
====================================================================== 
Summary:                    astgenkey creates world-readable private keys
Description: 
The shipped astgenkey creates the private key world-readable, even in "-n"
(unencrypted private key) mode. Here's the patch to generate it 0600 that I
added to Debian.
====================================================================== 

---------------------------------------------------------------------- 
 tzafrir - 04-06-08 10:09  
---------------------------------------------------------------------- 
Generating a private key that is world-writable is, well, surprising.
Compare that to e.g. ssh-keygen .

The public key should indeed be generated with the the current umask:

saved_umask=`umask`
umask 0700
 ...
umask $saved_umask 

Issue History 
Date Modified   Username       Field                    Change               
====================================================================== 
04-06-08 10:09  tzafrir        Note Added: 0085052                          
======================================================================




More information about the asterisk-bugs mailing list