https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=261330

            Bug ID: 261330
           Summary: certctl rehash obeys (when it should not?) changed
                    umask
           Product: Base System
           Version: 13.0-RELEASE
          Hardware: Any
                OS: Any
            Status: New
          Severity: Affects Only Me
          Priority: ---
         Component: misc
          Assignee: [email protected]
          Reporter: [email protected]

When changing umask for root to 027 in /etc/login.conf, certctl rehash will
update the symlinks, for instance in /etc/ssl/blacklisted/, accordingly.

freebsd-update IDS will report this as a deviation and I assume information on
blacklisted certificates should really be available to non-root users.

-- 
You are receiving this mail because:
You are the assignee for the bug.

Reply via email to