https://bugzilla.novell.com/show_bug.cgi?id=398250
User anicka@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=398250#c19
--- Comment #19 from Anna Bernathova 2008-06-17 06:03:22 MDT ---
As I am thinking about it, the way that ssh uses to determine right permissions
for keys is a bit short-sighted. Even a key readable for others can be OK - we
can use ACLs, we can correctly set permissions in the directories where keys
lie... the only correct way how to check it without mistakes I can come up with
is to su to nobody and try to read them. But we are probably not to going to
"fix" this check in ssh, so we should behave consistently...
Fine. Yast will take care of checking permissions during installation. RPM
scriptlet might check permissions during a ssh update but I have no idea what
is a preferred behavior when problem occurs: Just die with the reason that keys
might have leaked? When we agree on some behavior here, we are done for future
products.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.