[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Lower freeipmi.conf permission as it could contain sensitive informa
|
From: |
Fabio Fantoni |
|
Subject: |
Re: Lower freeipmi.conf permission as it could contain sensitive informations |
|
Date: |
Sun, 7 Feb 2021 19:34:12 +0100 |
|
User-agent: |
Mozilla/5.0 (Windows NT 10.0; Win64; x64; rv:78.0) Gecko/20100101 Thunderbird/78.7.1 |
Il 07/02/2021 19:10, Al Chu ha scritto:
> Hi Fabio,
>
> Thanks, I've decreased it and other conf files to 640. I never caught
> this b/c the permissions were overwritten to 0600 in the RPM spec
> files.
thanks, decrease all conf files is not needed if not all them can
contain sensitive informations (like username/password) FWIK, I did a
fast look and seems:
- freeipmi.conf ipmiseld.conf libipmiconsole.conf can contain sensitive
informations
- freeipmi_interpret_sel.conf freeipmi_interpret_sensor.conf
ipmidetect.conf ipmidetectd.conf don't can contain sensitive informations
is it correct?
>
> Al
>
> On Sun, 2021-02-07 at 13:17 +0100, Fabio Fantoni wrote:
>> Hi, freeipmi.conf could contain sensitive informations, default
>> permission setted to it by build (in etc/Makefile.am) is 644, debian
>> decreased it in packaging after build very long time ago
>> (https://salsa.debian.org/debian/freeipmi/-/blob/master/debian/rules)
>> .
>>
>> I think is good decrease it also upstream from 644 to 640 (removing
>> read
>> permission to others).
>>
>> Thanks for any reply and sorry for my bad english.
>>
>>