[arch-general] Why are CA certifcates writable for every user?

Hello! When I'm doing cd /etc/ssl/certs/ ls -al I see something like this: [...] lrwxrwxrwx 1 root root102 21. Dez 17:56 Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem -

Re: [arch-general] Why are CA certifcates writable for every user?

Symlinks often (always?) show as 777 permissions. If you look at the actual file that it links to, you'll see the permissions are fine: [darose@daroseneo ~]$ ls -l /etc/ca-certificates/extracted/cadir/Verisign_Class_1_Public_Primary_Certification_Authority_-_G3.pem -r--r--r-- 1 root root

Re: [arch-general] Why are CA certifcates writable for every user?

Hi On Thu, Feb 5, 2015 at 11:15 AM, David Rosenstrauch dar...@darose.net wrote: Symlinks often (always?) show as 777 permissions. Linux manpage for symlinks states http://man7.org/linux/man-pages/man7/symlink.7.html On Linux, the permissions of a symbolic link are not used in any operations;

Re: [arch-general] Why are CA certifcates writable for every user?

On 05/02/15 19:20, Patrick Burroughs (Celti) wrote: their actual permissions are those of the target. From what I understand (and tests I've done, and discussions on arch channels on IRC) their actual permissions are inherited from the directory they are in AND from the permissions of a target.

[arch-general] Trusting certificates when installing mono

It can be a frequent problem among .NET devs that mono trusts no certificates by default. The usual procedure is to have users manually run `mozroots --import --sync` to trust the same certs Mozilla trusts, but that makes it so that there will always be a manual step after installing your