[asterisk-commits] tilghman: branch 1.6.0 r113401 - in /branches/1.6.0: ./ contrib/scripts/

[SVN commits to the Asterisk project]

Author: tilghman
Date: Tue Apr  8 11:56:43 2008
New Revision: 113401

URL: http://svn.digium.com/view/asterisk?view=rev&rev=113401
Log:
Merged revisions 113400 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/trunk

................
r113400 | tilghman | 2008-04-08 11:54:21 -0500 (Tue, 08 Apr 2008) | 14 lines

Merged revisions 113399 via svnmerge from 
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r113399 | tilghman | 2008-04-08 11:51:28 -0500 (Tue, 08 Apr 2008) | 6 lines

Add security note on astgenkey's manpage.
(closes issue #12373)
 Reported by: lmamane
 Patches: 
       20080406__bug12373.diff.txt uploaded by Corydon76 (license 14)

........

................

Modified:
    branches/1.6.0/   (props changed)
    branches/1.6.0/contrib/scripts/astgenkey.8

Propchange: branches/1.6.0/
------------------------------------------------------------------------------
Binary property 'trunk-merged' - no diff available.

Modified: branches/1.6.0/contrib/scripts/astgenkey.8
URL: http://svn.digium.com/view/asterisk/branches/1.6.0/contrib/scripts/astgenkey.8?view=diff&rev=113401&r1=113400&r2=113401
==============================================================================
--- branches/1.6.0/contrib/scripts/astgenkey.8 (original)
+++ branches/1.6.0/contrib/scripts/astgenkey.8 Tue Apr  8 11:56:43 2008
@@ -109,6 +109,21 @@
 Don't encrypt the private key.
 .RE
 
+.SH SECURITY
+The keys are created, using the umask of the user running the command.
+To create the keys in a secure manner, you should check to ensure that
+your umask is first set to disallow the private key from being world-
+readable, such as with the following commands:
+
+.I umask 0066
+
+.I astgenkey yourkey
+
+And then make the key accessible to Asterisk (assuming you run it as
+user "asterisk").
+
+  chown asterisk /var/lib/asterisk/keys/yourname.*
+
 .SH FILES
 .I /var/lib/asterisk/keys
 .RS