This repository has been archived by the owner on Apr 26, 2024. It is now read-only.
--generate-keys creates world readable private key (SYN-671)
#1528
Labels
A-Packaging
Our Debian packages, docker images; or issues relevant to downstream packagers
S-Minor
Blocks non-critical functionality, workarounds exist.
Security
T-Defect
Bugs, crashes, hangs, security vulnerabilities, or other reported issues.
Z-Help-Wanted
We know exactly how to fix this issue, and would be grateful for any contribution
Comments
|
My quick fix is something like this: #!/bin/bash
USER="matrix-synapse"
GROUP="matrix-synapse"
PRIVKEYFILE=/etc/matrix-synapse/homeserver.tls.key
SIGNKEYFILE=/etc/matrix-synapse/homeserver.signing.key
if ! getent group $GROUP >/dev/null; then
addgroup --quiet --system $GROUP
fi
if ! getent group $GROUP | cut -d : -f 4 | grep $USER > /dev/null; then
addgroup $USER $GROUP
fi
if [ -f $PRIVKEYFILE ]; then
chgrp $GROUP $PRIVKEYFILE
chmod 640 $PRIVKEYFILE
fi
if [ -f $SIGNKEYFILE ]; then
chgrp $GROUP $SIGNKEYFILE
chmod 640 $SIGNKEYFILE
fiThe key files get created by the init script using -- Billiam Crashkopf |
matrixbot
changed the title
matrixbot
changed the title
richvdh
added
the
A-Packaging
richvdh
added
Security
T-Defect
richvdh
changed the title
--generate-keys creates world readable private key :( (SYN-671)
|
This is easily fixed by adding a |
richvdh
added
the
Z-Help-Wanted
richvdh
changed the title
--generate-keys creates world readable private key :( (SYN-671)--generate-keys creates world readable private key (SYN-671)
4 tasks
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
... and hence so does the debian package.
Submitted by @matthew:matrix.org
(Imported from https://matrix.org/jira/browse/SYN-671)
The text was updated successfully, but these errors were encountered: