On Mon, Jun 01, 2020 at 06:28:40PM -0400, Daniel Jakots wrote:
> To be sure I don't accidentally overwrite the passphrase files, I'd
> like to make them read only. The current code expects them to be
> readable and writable. I took the new code from ssh (sshkey_perm_ok
> function).

Permissions only protect you against non-root users; for more there's
chflags(1), e.g. `chflags schg ./keyfile ; sysctl kern.securelevel=1'.
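
The kind of check the quoted message asks for, accepting a passphrase file at 0400 as well as 0600 while still rejecting any group or other access, written here as an added example; it is not the bioctl patch and not OpenSSH's code. `passfile_perm_ok` and `check_mode` are hypothetical names, and the temporary files are constructed for the demonstration.

```c
#define _XOPEN_SOURCE 700
#include <sys/types.h>
#include <sys/stat.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper: 0 if the open passphrase file is acceptable, -1 if not. */
int
passfile_perm_ok(int fd)
{
	struct stat sb;

	if (fstat(fd, &sb) == -1 || !S_ISREG(sb.st_mode))
		return -1;
	/* Owner bits are not inspected, so 0400 and 0600 both pass;
	 * any group/other bit on a file we own is rejected. */
	if (sb.st_uid == getuid() &&
	    (sb.st_mode & (S_IRWXG | S_IRWXO)) != 0)
		return -1;
	return 0;
}

/* Create a constructed temp file, set its mode, run the check on it. */
int
check_mode(mode_t mode)
{
	char path[] = "/tmp/passfile.XXXXXX";
	int fd, rv;

	if ((fd = mkstemp(path)) == -1)
		return -2;
	rv = fchmod(fd, mode) == -1 ? -2 : passfile_perm_ok(fd);
	close(fd);
	unlink(path);
	return rv;
}

int
main(void)
{
	mode_t modes[] = { 0400, 0600, 0640, 0644 };
	size_t i;

	for (i = 0; i < sizeof(modes) / sizeof(modes[0]); i++)
		printf("%04o -> %s\n", (unsigned)modes[i],
		    check_mode(modes[i]) == 0 ? "ok" : "rejected");
	return 0;
}
```

The check runs on the already-open descriptor with fstat(2), so the file that is inspected is the file that is read.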
- bioctl: Allow passphrase files to be chmod 400 Daniel Jakots
- Re: bioctl: Allow passphrase files to be chmod 400 Klemens Nanni