Bug 6559 - grid-change-passphrase umask
: grid-change-passphrase umask
Status: RESOLVED FIXED
: GSI C
Credentials and Proxies
: 4.2.1
: All All
: P3 normal
: 4.2.2
Assigned To:
:
: 4.0.x
:
:
  Show dependency treegraph
 
Reported: 2008-12-01 11:21 by
Modified: 2008-12-01 15:13 (History)


Attachments


Note

You need to log in before you can comment on or make changes to this bug.


Description From 2008-12-01 11:21:15
The grid-change-passphrase script doesn't set umask prior to running the
openssl command to create a new key file. In the time between that file's
creation and the new passphrase being entered twice, another use could open
that file for reading to get a peek at the (encrypted) private key.
------- Comment #1 From 2008-12-01 11:42:55 -------
Fix committed to 4.0 branch, 4.2 branch, and trunk