Bug 2008204 - key files default permissions
Summary: key files default permissions
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Fedora
Classification: Fedora
Component: tang
Version: 34
Hardware: x86_64
OS: Linux
unspecified
high
Target Milestone: ---
Assignee: Sergio Correia
QA Contact: Fedora Extras Quality Assurance
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2021-09-27 15:11 UTC by lejeczek
Modified: 2021-10-29 22:57 UTC (History)
5 users (show)

Fixed In Version: tang-10-4.fc36 tang-10-3.fc34 tang-10-3.fc33 tang-10-4.fc35
Doc Type: If docs needed, set a value
Doc Text:
Clone Of:
Environment:
Last Closed: 2021-10-04 12:47:05 UTC
Type: Bug


Attachments (Terms of Use)

Description lejeczek 2021-09-27 15:11:22 UTC
Description of problem:

This certainly is very bad

-> $ llr /var/db/tang/
total 8
-rw-r--r--. 1 tang tang 361 Sep 25 12:10 lc9n9WF9zxNZADxKtn4F9F0nrSA48Vt3x_9lMBh0wvs.jwk
-rw-r--r--. 1 tang tang 367 Sep 25 12:10 3D8KwMNKXSxpkctM6jSE0H4gFhhfdbikuaEKxNq5gFc.jwk

no?

Version-Release number of selected component (if applicable):


How reproducible:


Steps to Reproduce:
1.
2.
3.

Actual results:


Expected results:


Additional info:

Comment 1 Sergio Correia 2021-09-27 15:26:06 UTC
(In reply to lejeczek from comment #0)
> Description of problem:
> 
> This certainly is very bad
> 
> -> $ llr /var/db/tang/
> total 8
> -rw-r--r--. 1 tang tang 361 Sep 25 12:10
> lc9n9WF9zxNZADxKtn4F9F0nrSA48Vt3x_9lMBh0wvs.jwk
> -rw-r--r--. 1 tang tang 367 Sep 25 12:10
> 3D8KwMNKXSxpkctM6jSE0H4gFhhfdbikuaEKxNq5gFc.jwk
> 
> no?
> 

What are the permissions for /var/db/tang?
Could you post the output of "ls -l /var/db/", please?

Comment 2 lejeczek 2021-09-27 16:12:41 UTC
-> $ llr /var/db/
total 0
drwx------. 1 root root  16 Mar 18  2021 sudo
drwx------. 1 tang tang 188 Sep 25 12:10 tang

Comment 3 lejeczek 2021-09-27 16:17:50 UTC
If there is no need for world to read - most strict set / least possible access. Rule should apply always & to everything.

Comment 4 Fedora Update System 2021-10-04 12:44:29 UTC
FEDORA-2021-0ada6b6eb6 has been submitted as an update to Fedora 36. https://bodhi.fedoraproject.org/updates/FEDORA-2021-0ada6b6eb6

Comment 5 Fedora Update System 2021-10-04 12:47:05 UTC
FEDORA-2021-0ada6b6eb6 has been pushed to the Fedora 36 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 6 Fedora Update System 2021-10-04 15:28:55 UTC
FEDORA-2021-155bd1bf0b has been submitted as an update to Fedora 35. https://bodhi.fedoraproject.org/updates/FEDORA-2021-155bd1bf0b

Comment 7 Fedora Update System 2021-10-04 15:33:04 UTC
FEDORA-2021-09ff9ffaf0 has been submitted as an update to Fedora 34. https://bodhi.fedoraproject.org/updates/FEDORA-2021-09ff9ffaf0

Comment 8 Fedora Update System 2021-10-04 15:49:14 UTC
FEDORA-2021-6ceccc748b has been submitted as an update to Fedora 33. https://bodhi.fedoraproject.org/updates/FEDORA-2021-6ceccc748b

Comment 9 Fedora Update System 2021-10-05 01:20:07 UTC
FEDORA-2021-6ceccc748b has been pushed to the Fedora 33 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-6ceccc748b`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-6ceccc748b

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 10 Fedora Update System 2021-10-05 01:32:53 UTC
FEDORA-2021-09ff9ffaf0 has been pushed to the Fedora 34 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-09ff9ffaf0`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-09ff9ffaf0

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 11 Fedora Update System 2021-10-05 15:17:29 UTC
FEDORA-2021-155bd1bf0b has been pushed to the Fedora 35 testing repository.
Soon you'll be able to install the update with the following command:
`sudo dnf upgrade --enablerepo=updates-testing --advisory=FEDORA-2021-155bd1bf0b`
You can provide feedback for this update here: https://bodhi.fedoraproject.org/updates/FEDORA-2021-155bd1bf0b

See also https://fedoraproject.org/wiki/QA:Updates_Testing for more information on how to test updates.

Comment 12 Fedora Update System 2021-10-12 23:43:12 UTC
FEDORA-2021-09ff9ffaf0 has been pushed to the Fedora 34 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 13 Fedora Update System 2021-10-12 23:46:31 UTC
FEDORA-2021-6ceccc748b has been pushed to the Fedora 33 stable repository.
If problem still persists, please make note of it in this bug report.

Comment 14 Fedora Update System 2021-10-29 22:57:53 UTC
FEDORA-2021-155bd1bf0b has been pushed to the Fedora 35 stable repository.
If problem still persists, please make note of it in this bug report.


Note You need to log in before you can comment on or make changes to this bug.