On Sat, Aug 24, 2013 at 07:18:20AM -0000, cheater wrote: > bear in mind ssh has the same policy about ignoring "insecure" files.
Incorrect. ssh has a policy of disallowing insecure files on the *server* side: insecure permissions on the .ssh directory of the target user mean the server cannot trust the integrity of those files. But that does not prevent ssh from using a world-readable identity file on the *client* side, which is the security equivalent of what we're talking about here. The reason for this is that sometimes the client really *does* want the private key to be shared, and ssh shouldn't get in the way of that; and once the file has been made public any other user can copy it to a mode 0600 file of their own and use it there: the cat's already out of the bag, so there's no point in trying to enforce "security" on the client. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/321442 Title: NM ignores "system"-level connections if files are world-readable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/network-manager/+bug/321442/+subscriptions -- ubuntu-bugs mailing list [email protected] https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
