Il 07/02/2021 19:10, Al Chu ha scritto: > Hi Fabio, > > Thanks, I've decreased it and other conf files to 640. I never caught > this b/c the permissions were overwritten to 0600 in the RPM spec > files.
thanks, decrease all conf files is not needed if not all them can contain sensitive informations (like username/password) FWIK, I did a fast look and seems: - freeipmi.conf ipmiseld.conf libipmiconsole.conf can contain sensitive informations - freeipmi_interpret_sel.conf freeipmi_interpret_sensor.conf ipmidetect.conf ipmidetectd.conf don't can contain sensitive informations is it correct? > > Al > > On Sun, 2021-02-07 at 13:17 +0100, Fabio Fantoni wrote: >> Hi, freeipmi.conf could contain sensitive informations, default >> permission setted to it by build (in etc/Makefile.am) is 644, debian >> decreased it in packaging after build very long time ago >> (https://salsa.debian.org/debian/freeipmi/-/blob/master/debian/rules) >> . >> >> I think is good decrease it also upstream from 644 to 640 (removing >> read >> permission to others). >> >> Thanks for any reply and sorry for my bad english. >> >>
