Issue #1834
Updated by jcline@redhat.com over 8 years ago
Pulp consumers write the certificate and private key issued by the Pulp server's registration process to /etc/pki/pulp/consumer/consumer-cert.pem with 644 permissions, which allowed anyone on the host to read the private key.
This means a non-privileged user on the host could authenticate with the Pulp server as the consumer.
.