Hi, Currently, openssl creates private RSA keys with the default permissions:
leon@lagrange /tmp % openssl version
OpenSSL 1.0.1e-fips 11 Feb 2013
leon@lagrange /tmp % openssl genrsa -out foobar.key
Generating RSA private key, 1024 bit long modulus
...........++++++
...........++++++
e is 65537 (0x10001)
leon@lagrange /tmp % ls -l foobar.key
-rw-rw-r--. 1 leon leon 883 May 16 02:28 foobar.key
As in the example above, this may be world-readable. It would be
preferable to create private keys with stricter permissions. This can
be achieved e. g. by calling the POSIX function open(filename,
O_WRONLY | O_CREAT | O_TRUNC, S_IRUSR | S_IWUSR).
-- Leon.
signature.asc
Description: PGP signature
