
Re: UPG and the default umask



On 05/17/2010 11:46 AM, Christoph Anton Mitterer wrote:
> If you need to change for example ssh, to allow an authorized_keys file
> or perhaps even things like ~/.ssh/id_rsa to be group-readable and/or
> writable you actively compromise security, at least for those systems
> which do not use (for whatever reason) UPG.

How does this compromise security when you're the only member of your
private group?

> I guess upstream haven't added those permission checks just because life
> was so boring, but rather for some specific reason.
> In the case of authorized_keys, I assume, to prevent "social
> attacks".... if you know which people are allowed to access a machine,
> it's much easier to get their keys...

Setting any permission bit on any file on any computer won't protect you
from social engineering, so I fail to see where you're going with your
argument.

> Or do I understand the idea behind 581919 wrongly?

581919 was created, because the write bit should be set on the ~/.ssh/
directory, and contents, seeing as though Debian is a UPG-based
operating system. The only user of the private group is the owner of the
file itself. This was the reason for 314347, as SVN was behaving
unexpectedly. Thus, a regression.

-- 
. O .   O . O   . . O   O . .   . O .
. . O   . O O   O . O   . O O   . . O
O O O   . O .   . O O   O O .   O O O

Attachment: signature.asc
Description: OpenPGP digital signature
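
The condition the reply rests on, that the file's owner is the only member of the file's group, can be checked mechanically before group bits are treated as harmless. The following is an added example, not part of the original message and not OpenSSH or Debian code; the account data and function names are constructed for illustration.

```python
import stat

# Constructed sample data in /etc/passwd and /etc/group format (not from the thread).
PASSWD = """\
alice:x:1000:1000::/home/alice:/bin/bash
bob:x:1001:1001::/home/bob:/bin/bash
carol:x:1002:100::/home/carol:/bin/bash
dave:x:1003:1001::/home/dave:/bin/bash
"""
GROUP = """\
alice:x:1000:
bob:x:1001:
users:x:100:carol,erin
"""

def parse(passwd_text, group_text):
    """Return ({user: primary_gid}, {gid: (name, set_of_listed_members)})."""
    users = {}
    for line in passwd_text.splitlines():
        fields = line.split(":")
        users[fields[0]] = int(fields[3])
    groups = {}
    for line in group_text.splitlines():
        name, _, gid, members = line.split(":")
        groups[int(gid)] = (name, {m for m in members.split(",") if m})
    return users, groups

def group_members(gid, users, groups):
    """Everyone who holds gid: listed members plus accounts using it as primary group."""
    listed = groups.get(gid, ("", set()))[1]
    return listed | {u for u, g in users.items() if g == gid}

def group_bits_safe(owner, file_gid, mode, users, groups):
    """True if the file's group permission bits grant access to nobody but the owner."""
    if not mode & stat.S_IRWXG:
        return True  # no group bits set, so group membership is irrelevant
    return group_members(file_gid, users, groups) <= {owner}

USERS, GROUPS = parse(PASSWD, GROUP)

if __name__ == "__main__":
    # Constructed cases: (owner, gid of the file, mode of e.g. ~/.ssh/authorized_keys)
    for owner, gid, mode in [("alice", 1000, 0o664), ("bob", 1001, 0o664),
                             ("carol", 100, 0o660), ("carol", 100, 0o600)]:
        verdict = "ok" if group_bits_safe(owner, gid, mode, USERS, GROUPS) else "EXPOSED"
        print(f"{owner:6} gid={gid:<5} mode={mode:o} {verdict}")
```

The `bob` case shows why a group named after the user is not enough: `dave` has the same gid as his primary group, so the group is not private even though `/etc/group` lists no members.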

