simp_le icon indicating copy to clipboard operation
simp_le copied to clipboard
verified publisher icon zenhack

private key permissions

Open zenhack opened this issue 9 years ago • 1 comments

Issue by irv Friday Dec 04, 2015 at 22:27 GMT Originally opened as https://github.com/kuba/simp_le/issues/29

Hi,

I think the permissions on the private key should be more restrictive by default, they're currently set to world readable and should probably be chmod 600

(I noticed this because opensmtpd considers insecure file perms on the private key a fatal error: must be at most rwx------)

zenhack avatar Jan 02 '17 23:01 zenhack

If we can confirm that all major web servers can read the key even with more restrictive permissions, I'm fine adding a flag e.g. --sensitive-files-mode 660 with a default of 600.

zenhack avatar Apr 02 '18 17:04 zenhack