Re: Fwd: [SCM] opendkim branch, develop, updated. 9c9f6aa9e5f6f39334f9e2a8126787c798504738

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ] [ by messages with attachments ]

From: Daniel Black <daniel.subs_at_internode.on.net>
Date: Sun, 24 Feb 2013 10:43:01 +1100

On 23/02/13 23:33, Murray S. Kucherawy wrote:
> On Sat, 23 Feb 2013, Daniel Black wrote:
>> This should have a umask set in the script to prevent a race condition
>> from accessing the private key.
>
> If this is typically run by the same user every time, then you must be
> talking about a umask that turns off the write bit. Otherwise the same
> user can always overwrite its own files. Correct?

I was mainly thinking the read bits for group,other so another user
couldn't read the private key generated in the brief interval before its
permission changes.

> If the concern is that some other user could write the file before root
> gets there, then this is really a concern about the permissions on
> /etc/mail/opendkim, and umask doesn't matter.

correct.

>
> -MSK
>
>
Received on Sat Feb 23 2013 - 23:43:12 PST

This archive was generated by hypermail 2.3.0 : Sat Feb 23 2013 - 23:45:02 PST