Control: forwarded -1 https://issues.opendnssec.org/browse/SUPPORT-136
Funny, I have just fixed exactly same bug in ldns. Will push that forward... O. On Thu, Jun 19, 2014, at 14:03, Jonas Smedegaard wrote: > Package: softhsm > Version: 1.3.3-2 > Severity: important > Tags: security > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA512 > > the softshm-keyconv tool creates its output files with default access > rights, i.e. group and aworld readable on a default Debian setup. > > I believe the correct thing would be to instead create files readable > only by the user invoking the tool, or inherit access rights from the > input file of the conversion process. > > - Jonas > > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1 > > iQF8BAEBCgBmBQJTotFzXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w > ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ3NjQ4ODQwMTIyRTJDNTBFQzUxRDQwRTI0 > RUMxQjcyMjM3NEY5QkQ2AAoJEE7BtyI3T5vWnZ4H/iCM68hXXw/FkkZl9xjU3iNz > seEjspR1KTPjiwo/NncbXUWPERc0BR+nN/aUrqCkYONVOLberQJKCXgVG4AoudXT > rGD+mrcBqavz/k0VlDMSQY3g8cksqe+k7yjeiqnscoWdDOSeSgyKes7n2uDllOsi > J5GcNI8LQCUhWm5byK6/zF0gUVK7rHvD36F8HRmxAlkMOywngj0vimJFo2qfXv/3 > jAlG2psLxNd3c8kMwkO6LVOcW//CUKY6KyOGV7GQiNdEyJQT+mqFVt55Bn0Hh5JN > QxDTOcPmHu9znKS0v1qq3E91GHGTJZA8ktm1SA3nNnwA5dUze5giB1yGLfq9zTU= > =qBC7 > -----END PGP SIGNATURE----- -- Ondřej Surý <ond...@sury.org> Knot DNS (https://www.knot-dns.cz/) – a high-performance DNS server -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
