Bug ID 965037
Summary unbount-anchor root key should be world-readable
Classification openSUSE
Product openSUSE Tumbleweed
Version 2015*
Hardware Other
OS Other
Status NEW
Severity Normal
Priority P5 - None
Component Security
Assignee security-team@suse.de
Reporter bjacke@samba.org
QA Contact qa-bugs@suse.de
Found By ---
Blocker --- 

while testing gnutls with dane support I noticed an error due to unbound-anchor
root key permission error. The DNSsec root key is only readable by user/group
unbound. It should be readable by everybody.

[1454547105] libunbound[11647:0] error: error opening file
/var/lib/unbound/root.key: Permission denied
[1454547105] libunbound[11647:0] error: error reading trust-anchor-file:
/var/lib/unbound/root.key
[1454547105] libunbound[11647:0] error: validator: error in trustanchors config
[1454547105] libunbound[11647:0] error: validator: could not apply
configuration settings.
[1454547105] libunbound[11647:0] error: module init for module validator failed

You are receiving this mail because: