Package: tripwire
Version: 2.3.1.2.0-3
Severity: important
Tags: security

Hello,

After a fresh install, the permissions on the domain and site keys are:
-rw-r--r--  1 root root  931 2005-04-06 10:41 nekral-local.key
-rw-r--r--  1 root root  931 2005-04-06 10:40 site.key

The same applies to other files in the /etc/tripwire directory, but having
the policy or configuration of tripwire readable is IMO not an issue (even
if not needed).

IIRC, these key files contain the unencrypted public key and the private
key encrypted by a pass phrase.
Having them readable for all could ease a brute force attack on the pass
phrase.

Note:
This is not that important, and security is not completely removed.
So if having these files readable is needed (it can permit a non-root user
to decrypt the database, and generate reports for a set of files), then
this bug can probably be closed or changed to a wishlist (having a
separate shadowed private key file).

-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable'), (1, 'experimental')
Architecture: i386 (i686)
Kernel: Linux 2.4.27
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)

Versions of packages tripwire depends on:
ii  debconf                     1.4.47       Debian configuration management sy
ii  libc6                       2.3.2.ds1-20 GNU C Library: Shared libraries an
ii  libgcc1                     1:3.4.3-12   GCC support library
ii  libstdc++5                  1:3.3.5-12   The GNU Standard C++ Library v3
ii  postfix [mail-transport-age 2.1.5-9      A high-performance mail transport 

-- debconf information:
* tripwire/installed:
* tripwire/site-passphrase-incorrect: true
* tripwire/use-localkey: true
  tripwire/change-in-default-policy:
  tripwire/upgrade: true
* tripwire/rebuild-policy: true
* tripwire/rebuild-config: true
  tripwire/email-report:
  tripwire/broken-passphrase:
* tripwire/use-sitekey: true
  tripwire/local-passphrase-incorrect: false

Thanks in advance,
-- 
Nekral
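
A check for the condition reported above, as an added example that is not part of the original report: it lists `*.key` files in the Tripwire directory that group or other can access, and can restrict them. It assumes GNU find and stat, as on Debian; the function names and the 0600 target mode are choices of this example.

```shell
#!/bin/sh
# Added example (not from the report). Assumes GNU find and stat.

# list_exposed_keys DIR: print "MODE OWNER:GROUP PATH" for every *.key file
# in DIR whose mode grants any permission bit to group or other.
list_exposed_keys() {
    find "$1" -maxdepth 1 -type f -name '*.key' -perm /077 \
        -exec stat -c '%a %U:%G %n' {} +
}

# audit_tripwire_keys [DIR]: 0 = no exposed key, 1 = exposed keys, 2 = bad DIR.
audit_tripwire_keys() {
    dir=${1:-/etc/tripwire}   # directory named in the report
    if [ ! -d "$dir" ]; then
        echo "not a directory: $dir" >&2
        return 2
    fi
    exposed=$(list_exposed_keys "$dir")
    if [ -n "$exposed" ]; then
        echo "key files accessible to group/other in $dir:"
        echo "$exposed"
        return 1
    fi
    echo "no group/other-accessible key files in $dir"
    return 0
}

# tighten_tripwire_keys [DIR]: restrict exposed keys to owner read/write.
# Mode 0600 is an assumption of this example, not a fix stated in the report.
tighten_tripwire_keys() {
    dir=${1:-/etc/tripwire}
    find "$dir" -maxdepth 1 -type f -name '*.key' -perm /077 \
        -exec chmod 0600 {} +
}

# Run the audit only when a directory is given on the command line.
if [ "$#" -gt 0 ]; then
    audit_tripwire_keys "$1"
fi
```

Policy and configuration files are left alone because only `*.key` files are matched; a non-root user who needs to read the keys, as the report mentions, would lose that access after `tighten_tripwire_keys`.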

