Re: Fwd: [SCM] opendkim branch, develop, updated. 9c9f6aa9e5f6f39334f9e2a8126787c798504738
On 23/02/13 23:33, Murray S. Kucherawy wrote:
> On Sat, 23 Feb 2013, Daniel Black wrote:
>> This should have a umask set in the script to prevent a race condition
>> from accessing the private key.
>
> If this is typically run by the same user every time, then you must be
> talking about a umask that turns off the write bit. Otherwise the same
> user can always overwrite its own files. Correct?
I was mainly thinking the read bits for group,other so another user
couldn't read the private key generated in the brief interval before its
permission changes.
> If the concern is that some other user could write the file before root
> gets there, then this is really a concern about the permissions on
> /etc/mail/opendkim, and umask doesn't matter.
correct.
>
> -MSK
>
>
Received on Sat Feb 23 2013 - 23:43:12 PST
This archive was generated by hypermail 2.3.0
: Sat Feb 23 2013 - 23:45:02 PST