Project

Profile

Help

« Previous | Next » 

Revision 707a39cb

Added by Jeremy Cline almost 5 years ago

Create consumer private keys with 600 permissions (CVE-2016-3112)

Prior to this commit, consumers wrote the certificate and private key issued by the Pulp server's registration process to /etc/pki/pulp/consumer/consumer-cert.pem with 644 permissions, which allowed anyone on the host to read the private key. This ensures the file is written with 600 permissions.

https://pulp.plan.io/issues/1834

fixes #1834