Package: softhsm2-common Version: 2.2.0-1 Severity: wishlist Dear Maintainer,
The file permissions on /etc/softhsm and /etc/softhsm/softhsm2.conf seem overly restrictive. There is only one file in the directory, and the contents of the file (by default) are identical to the file /usr/share/softhsm/softhsm2.conf, which is readable by anyone. I guess that creating a group to restrict access to tokens under /var/lib/softhsm makes sense, but there doesn't seem to be a reason to restrict access to the default config file that simply points to that directory. Thanks for your consideration! -- System Information: Debian Release: stretch/sid APT prefers testing APT policy: (900, 'testing'), (800, 'unstable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.8.0-1-amd64 (SMP w/8 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /usr/bin/dash Init: systemd (via /run/systemd/system) Versions of packages softhsm2-common depends on: ii ucf 3.0036 softhsm2-common recommends no packages. softhsm2-common suggests no packages. -- no debconf information
