codehotter / 389-ds-base

Forked from 389-ds-base 5 years ago
Clone
Source Code
GIT

018c836 Ticket 49899 - fix pin.txt and pwdfile permissions

1 file Authored by firstyear 5 years ago, Committed by firstyear 5 years ago,
raw patch tree parent
1 file changed. 20 lines added. 15 lines removed.
src/lib389/lib389/nss_ssl.py
file modified
+20 -15 
    Ticket 49899 - fix pin.txt and pwdfile permissions
    
    Bug Description: On unix, user and group permissions are basically
    the same, because users always have a primary group. However, best
    practice ignores this, and states everything should be user
    owned only if security sensitive.
    
    Fix Description: Make pin.txt and pwdfile user only owned to prevent
    disclosure (in limited circumstances, this is little more than
    a compliance step).
    
    https://pagure.io/389-ds-base/issue/49899
    
    Author: William Brown <william@blackhats.net.au>
    
    Review by: tbordaz, mhonek (Thanks)
file modified
+20 -15
Powered by Pagure 5.13.3
DocumentationFile an IssueAboutSSH Hostkey/Fingerprint
© Red Hat, Inc. and others.