Bug#471958: marked as done (openssl: Generated private keys world-readable by default)

Tue, 31 May 2016 14:58:17 -0700 

Your message dated Tue, 31 May 2016 23:49:17 +0200
with message-id <[email protected]>
and subject line Re: Bug#471958: openssl: Generated private keys world-readable 
by default
has caused the Debian Bug report #471958,
regarding openssl: Generated private keys world-readable by default
to be marked as done.

This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.

(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)


-- 
471958: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=471958
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message --- 
Package: openssl
Version: 0.9.8g-4
Severity: important
Tags: security

master@capsaicin:~ 148 $ openssl genrsa -out foo 512
Generating RSA private key, 512 bit long modulus
..++++++++++++
..........++++++++++++
e is 65537 (0x10001)
master@capsaicin:~ 0 $ ls -l foo
-rw-r--r-- 1 master master 493 mar 21 11:51 foo

The generated key should really not be world-readable by default. Make
it mode 0600, if user needs more permissive (e.g. 0640), sie can
loosen it.

-- System Information:
Debian Release: lenny/sid
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)

Kernel: Linux 2.6.24-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=fr_LU.UTF-8, LC_CTYPE=fr_LU.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages openssl depends on:
ii  libc6                  2.7-6             GNU C Library: Shared libraries
ii  libssl0.9.8            0.9.8g-4          SSL shared libraries
ii  zlib1g                 1:1.2.3.3.dfsg-11 compression library - runtime

openssl recommends no packages.

-- no debconf information

--- End Message ---
--- Begin Message --- 
On 2016-05-31 15:11:22 [+0200], Lionel Elie Mamane wrote:
> 
> I disagree with upstream but am not going to fight it. Leaving this
> bug open indefinitely without intending to ever fix it does not make
> sense indeed.

Closing.

Sebastian

--- End Message ---

Reply via email to