Sadly, the change is not trivial since it would require implementing support for permissions in java.util.zip.*
Shelling out is not an option since the contents of the zip never actually exist as files. On Fri, Jan 29, 2010 at 10:54 AM, Dustin Kirkland <dustin.kirkl...@gmail.com> wrote: > Chris, can you bang this trivial change into 1.6.2? > > -- > credentials zip file should pack files with permissions 600 > https://bugs.launchpad.net/bugs/409777 > You received this bug notification because you are a bug assignee. > > Status in Eucalyptus: Confirmed > Status in “eucalyptus” package in Ubuntu: Triaged > > Bug description: > You can download credentials from the web site in a packed zipfile. > > When this file is unzipped, some relatively sensitive information is > unpacked, including keys and credentials. > > When creating the zipfile, these files should be permissioned appropriately, > such as 600. > > :-Dustin > > > -- Chris Grzegorczyk Co-Founder and Engineer Eucalyptus Systems, Inc. 130 Castilian St. | Goleta, CA | 93117 Office: 805-968-1400 x e^1 | Cell: 805-807-8237 Email: g...@eucalyptus.com www.eucalyptus.com ________________________________________ -- credentials zip file should pack files with permissions 600 https://bugs.launchpad.net/bugs/409777 You received this bug notification because you are a member of Ubuntu Server Team, which is subscribed to eucalyptus in ubuntu. -- Ubuntu-server-bugs mailing list Ubuntu-server-bugs@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/ubuntu-server-bugs
