Bugzilla – Bug 6559
Last modified: 2008-12-01 15:13:12
You need to
before you can comment on or make changes to this bug.
The grid-change-passphrase script doesn't set umask prior to running the
openssl command to create a new key file. In the time between that file's
creation and the new passphrase being entered twice, another use could open
that file for reading to get a peek at the (encrypted) private key.
Fix committed to 4.0 branch, 4.2 branch, and trunk