The secret key that encrypts the backups should not be world readable. #150
Hello & thanks! Could you re-do this with the https://github.com/mail-in-a-box/mailinabox/blob/master/setup/dns.sh#L43 This is more secure by ensuring the file is created initially with the correct permissions, rather than opening a small window when it has incorrect permissions. The fix for existing installations should really go in the migrate script so that we don't clutter the setup script.
How about that? ;)
Fantastic. Did you test both parts? (Hoping to avoid testing myself before merging.)
I did not test the complete scripts but the individual lines of code. Both worked fine (i.e. possible namespace issues, syntax..)
I think you should also notify users that their secret key could be compromised.
The threat model for this project assumes that only trusted users have local access, so absent some other problem there's no real problem.
The management part doesn't work. If you run setup.sh on your own box again you'll see it sets incorrect/crazy permissions.
The bug was in the migrate.py script. It works now. It's a different behaviour in Python 3 that caused this. Most of my scripts are in Python 2 :)
The secret key that encrypts the backups should not be world readable.
Thanks!
umask at the creation of the key plus migration.py-function to fix permission in existing installations.
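
Both halves of the change discussed in this thread, as an added example that is not the project's code: creating the key file under a restrictive umask so it never exists with looser permissions, and a migration step that tightens a key left by an older install. The file name, the function names and the decimal-versus-octal illustration at the end are assumptions; the thread does not say which Python 3 difference caused the bug.

```python
import os
import stat
import tempfile

def create_secret_key(path, nbytes=32):
    """Create the key file so it is owner-only from the moment it exists."""
    old_umask = os.umask(0o077)          # strip group/other bits from new files
    try:
        # O_EXCL refuses to reuse a file someone else pre-created at this path.
        fd = os.open(path, os.O_WRONLY | os.O_CREAT | os.O_EXCL, 0o600)
        with os.fdopen(fd, "wb") as f:
            f.write(os.urandom(nbytes))  # constructed stand-in for the real key
    finally:
        os.umask(old_umask)

def mode_of(path):
    """Permission bits of path, without the file-type bits."""
    return stat.S_IMODE(os.stat(path).st_mode)

def fix_key_permissions(path):
    """Migration step for existing installs; returns True if it changed anything."""
    mode = mode_of(path)
    if mode & 0o077 == 0:
        return False                     # already owner-only
    os.chmod(path, mode & 0o700)         # drop every group/other bit
    return True

def describe_mode(mode):
    """Render permission bits the way `ls -l` would for a regular file."""
    return stat.filemode(stat.S_IFREG | mode)

if __name__ == "__main__":
    key = os.path.join(tempfile.mkdtemp(), "secret_key.txt")  # hypothetical name
    create_secret_key(key)
    print("new key:        ", describe_mode(mode_of(key)))
    os.chmod(key, 0o644)                 # simulate a key from an older install
    print("old install:    ", describe_mode(mode_of(key)))
    print("migrated:       ", fix_key_permissions(key), describe_mode(mode_of(key)))
    # Mode arguments are octal: decimal 600 is 0o1130, not 0o600.
    print("chmod(p, 600):  ", describe_mode(600))
    print("chmod(p, 0o600):", describe_mode(0o600))
```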