Project

Profile

Help

Issue #1834

Updated by jcline@redhat.com almost 5 years ago

Pulp consumers write the certificate and private key issued by the Pulp server's registration process to /etc/pki/pulp/consumer/consumer-cert.pem with 644 permissions, which allowed anyone on the host to read the private key.

This means a non-privileged user on the host could authenticate with the Pulp server as the consumer.

Back