insecure keys.dat permissions #258

Open
opened 2013-06-25 22:57:43 +02:00 by fiatflux · 1 comment
fiatflux commented 2013-06-25 22:57:43 +02:00 (Migrated from github.com)

Currently, keys.dat is created with default permissions on Linux, which often have insecure 644 permissions that are unsatisfactory for keyfiles. I don't know about OSX nor Windows, but I assume they have the same issue. The keys.dat file should be created with a 077 umask.

Currently, keys.dat is created with default permissions on Linux, which often have insecure 644 permissions that are unsatisfactory for keyfiles. I don't know about OSX nor Windows, but I assume they have the same issue. The keys.dat file should be created with a 077 umask.
fiatflux commented 2013-06-26 15:16:01 +02:00 (Migrated from github.com)

Ah, yes, and messages.dat needs the same treatment.

Ah, yes, and messages.dat needs the same treatment.
This repo is archived. You cannot comment on issues.
No Milestone
No project
No Assignees
1 Participants
Due Date
The due date is invalid or out of range. Please use the format 'yyyy-mm-dd'.

No due date set.

Dependencies

No dependencies set.

Reference: Bitmessage/PyBitmessage-2024-12-10#258
No description provided.