Bug ID | 965037 |
---|---|
Summary | unbount-anchor root key should be world-readable |
Classification | openSUSE |
Product | openSUSE Tumbleweed |
Version | 2015* |
Hardware | Other |
OS | Other |
Status | NEW |
Severity | Normal |
Priority | P5 - None |
Component | Security |
Assignee | security-team@suse.de |
Reporter | bjacke@samba.org |
QA Contact | qa-bugs@suse.de |
Found By | --- |
Blocker | --- |
while testing gnutls with dane support I noticed an error due to unbound-anchor root key permission error. The DNSsec root key is only readable by user/group unbound. It should be readable by everybody. [1454547105] libunbound[11647:0] error: error opening file /var/lib/unbound/root.key: Permission denied [1454547105] libunbound[11647:0] error: error reading trust-anchor-file: /var/lib/unbound/root.key [1454547105] libunbound[11647:0] error: validator: error in trustanchors config [1454547105] libunbound[11647:0] error: validator: could not apply configuration settings. [1454547105] libunbound[11647:0] error: module init for module validator failed