[Freeipa-devel] [PATCH 0032] Secure permission and cleanup Custodia server.keys

Christian Heimes cheimes at redhat.com
Tue Jul 12 14:45:11 UTC 2016


Custodia's server.keys file contains the private RSA keys for encrypting
and signing Custodia messages. The file was created with permission 644
and is only secured by permission 700 of the directory
/etc/ipa/custodia. The installer and upgrader ensure that the file
has 600.

The server.keys file and all keys are now removed during
uninstallation of a server, too.

https://bugzilla.redhat.com/show_bug.cgi?id=1353936
https://fedorahosted.org/freeipa/ticket/6015
https://fedorahosted.org/freeipa/ticket/6056
-------------- next part --------------
A non-text attachment was scrubbed...
Name: freeipa-cheimes-0032-2-Secure-permission-and-cleanup-Custodia-server.keys.patch
Type: text/x-patch
Size: 7730 bytes
Desc: not available
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160712/2f0e05e9/attachment.bin>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 455 bytes
Desc: OpenPGP digital signature
URL: <http://listman.redhat.com/archives/freeipa-devel/attachments/20160712/2f0e05e9/attachment.sig>
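
The three behaviours the message describes (a key file that is never world-readable, a 600 fix-up at install or upgrade, removal at uninstall) are sketched below as an added example; it is not the attached patch or FreeIPA's own code. The function names are hypothetical, and the demo works in a scratch directory with constructed placeholder data rather than /etc/ipa/custodia.

```python
import os
import stat
import tempfile

KEY_MODE = 0o600  # owner read/write only, the mode the message says is enforced


def create_key_file(path, data):
    """Create the file as 0600 from the first moment; never 0644 then chmod."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    fd = os.open(path, flags, KEY_MODE)
    with os.fdopen(fd, "wb") as f:
        os.fchmod(fd, KEY_MODE)  # explicit, independent of the process umask
        f.write(data)


def ensure_key_mode(path):
    """Upgrade-style fix: tighten an existing file. Returns True if it changed."""
    st = os.lstat(path)
    if not stat.S_ISREG(st.st_mode):
        raise ValueError(f"{path} is not a regular file")
    if stat.S_IMODE(st.st_mode) == KEY_MODE:
        return False
    os.chmod(path, KEY_MODE)
    return True


def remove_key_file(path):
    """Uninstall-style cleanup: a missing file is not an error."""
    try:
        os.unlink(path)
        return True
    except FileNotFoundError:
        return False


def demo():
    """Run all three steps in a scratch directory (constructed data, no real keys)."""
    with tempfile.TemporaryDirectory() as d:
        legacy = os.path.join(d, "server.keys")
        create_key_file(legacy, b"constructed placeholder, not a key")
        os.chmod(legacy, 0o644)  # reproduce the old world-readable mode
        changed = ensure_key_mode(legacy)
        mode_after = stat.S_IMODE(os.lstat(legacy).st_mode)
        fresh = os.path.join(d, "fresh.keys")
        create_key_file(fresh, b"constructed placeholder, not a key")
        fresh_mode = stat.S_IMODE(os.lstat(fresh).st_mode)
        return (changed, mode_after, ensure_key_mode(legacy), fresh_mode,
                remove_key_file(legacy), remove_key_file(legacy))
```

Creating the file with the restrictive mode in the `os.open` call avoids the interval in which a file written as 644 and tightened afterwards is protected only by the 700 directory.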

