Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Change private key file permissions #551

Merged
merged 4 commits into from Oct 2, 2019
Merged

Change private key file permissions #551

merged 4 commits into from Oct 2, 2019

Conversation

@zedt3ster
Copy link
Member

@zedt3ster zedt3ster commented Sep 30, 2019

Issue Addressed

The account_manager generates private keys and stores them with unnecessary extensive permissions. Indeed, private keys are readable by any user of the system (i.e. -rw-r--r-- or 0644 permission bits).

Proposed Changes

  • Import libc crate for permission bits
  • Change permissions on private key file generation to -rw------- (i.e. 0600)

Additional Info

The validator client is about to be refactored, but thought I'd submit this now anyway :)

@zedt3ster zedt3ster requested a review from paulhauner Sep 30, 2019
@paulhauner
Copy link
Member

@paulhauner paulhauner commented Sep 30, 2019

@mzee I think these tests will pass if you merge in master :)

@paulhauner paulhauner merged commit 6ae62c9 into master Oct 2, 2019
4 checks passed
@AgeManning AgeManning deleted the change-key-perms branch Jan 3, 2020
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Linked issues

Successfully merging this pull request may close these issues.

None yet

3 participants