[asterisk-bugs] [Asterisk 0012373]: astgenkey creates world-readable private keys
noreply at bugs.digium.com
noreply at bugs.digium.com
Sun Apr 6 11:30:12 CDT 2008
A NOTE has been added to this issue.
======================================================================
http://bugs.digium.com/view.php?id=12373
======================================================================
Reported By: lmamane
Assigned To:
======================================================================
Project: Asterisk
Issue ID: 12373
Category: Utilities/General
Reproducibility: always
Severity: minor
Priority: normal
Status: new
Asterisk Version: 1.4.19
SVN Branch (only for SVN checkouts, not tarball releases): N/A
SVN Revision (number only!):
Disclaimer on File?: N/A
Request Review:
======================================================================
Date Submitted: 04-06-2008 07:25 CDT
Last Modified: 04-06-2008 11:30 CDT
======================================================================
Summary: astgenkey creates world-readable private keys
Description:
The shipped astgenkey creates the private key world-readable, even in "-n"
(unencrypted private key) mode. Here's the patch to generate it 0600 that I
added to Debian.
======================================================================
----------------------------------------------------------------------
Corydon76 - 04-06-08 11:29
----------------------------------------------------------------------
But that's incorrect. The file is created with whatever umask the user
using the script is using. If the user ALREADY has a umask of 066 or 006,
then the file will not be created world-readable at all.
Issue History
Date Modified Username Field Change
======================================================================
04-06-08 11:30 Corydon76 Note Added: 0085058
======================================================================
More information about the asterisk-bugs
mailing list