Bug#471958: openssl: Generated private keys world-readable by default

2016-05-31 Thread Lionel Elie Mamane
On Sat, May 28, 2016 at 09:52:30PM +0200, Sebastian Andrzej Siewior wrote:
> On 2008-04-06 15:04:58 [+0200], Lionel Elie Mamane wrote:
>> OK, fair enough. If only Debian patches it, people using Debian
>> will write scripts using genrsa that are dangerous on other
>> OSes. I've emailed upstream

Bug#471958: openssl: Generated private keys world-readable by default

2016-05-28 Thread Sebastian Andrzej Siewior
On 2008-04-06 15:04:58 [+0200], Lionel Elie Mamane wrote:
> OK, fair enough. If only Debian patches it, people using Debian will
> write scripts using genrsa that are dangerous on other OSes. I've
> emailed upstream with the suggestion, we'll see what they think of
> it.
Upstream suggested to use

Bug#471958: [Pkg-openssl-devel] Bug#471958: openssl: Generated private keys world-readable by default

2008-04-07 Thread Kurt Roeckx
forwarded 471958 http://rt.openssl.org/index.html?q=1662
thanks
On Sun, Apr 06, 2008 at 03:04:58PM +0200, Lionel Elie Mamane wrote:
OK, fair enough. If only Debian patches it, people using Debian will write scripts using genrsa that are dangerous on other OSes. I've emailed upstream with the

Bug#471958: openssl: Generated private keys world-readable by default

2008-04-06 Thread Lionel Elie Mamane
On Fri, Mar 21, 2008 at 02:23:38PM +0100, Florian Weimer wrote:
* Lionel Elie Mamane:
On Fri, Mar 21, 2008 at 01:20:01PM +0100, Florian Weimer wrote:
[EMAIL PROTECTED]:~ 148 $ openssl genrsa -out foo 512
-rw-r--r-- 1 master master 493 mar 21 11:51 foo
The generated key should really not be

Bug#471958: openssl: Generated private keys world-readable by default

2008-03-21 Thread Lionel Elie Mamane
Package: openssl
Version: 0.9.8g-4
Severity: important
Tags: security
[EMAIL PROTECTED]:~ 148 $ openssl genrsa -out foo 512
Generating RSA private key, 512 bit long modulus
.. ..
e is 65537 (0x10001)
[EMAIL PROTECTED]:~ 0 $ ls -l foo
-rw-r--r-- 1 master master 493

Bug#471958: openssl: Generated private keys world-readable by default

2008-03-21 Thread Florian Weimer
* Lionel Elie Mamane:
[EMAIL PROTECTED]:~ 148 $ openssl genrsa -out foo 512
Generating RSA private key, 512 bit long modulus
.. ..
e is 65537 (0x10001)
[EMAIL PROTECTED]:~ 0 $ ls -l foo
-rw-r--r-- 1 master master 493 mar 21 11:51 foo
The generated key

Bug#471958: openssl: Generated private keys world-readable by default

2008-03-21 Thread Lionel Elie Mamane
On Fri, Mar 21, 2008 at 01:20:01PM +0100, Florian Weimer wrote:
[EMAIL PROTECTED]:~ 148 $ openssl genrsa -out foo 512
-rw-r--r-- 1 master master 493 mar 21 11:51 foo
The generated key should really not be world-readable by default.
You could simply use a more restrictive umask.
Yes, but

Bug#471958: openssl: Generated private keys world-readable by default

2008-03-21 Thread Florian Weimer
* Lionel Elie Mamane:
On Fri, Mar 21, 2008 at 01:20:01PM +0100, Florian Weimer wrote:
[EMAIL PROTECTED]:~ 148 $ openssl genrsa -out foo 512
-rw-r--r-- 1 master master 493 mar 21 11:51 foo
The generated key should really not be world-readable by default.
You could simply use a more