Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"

To: debian-devel@lists.debian.org
Subject: Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"
From: Jim Popovitch <jim@k4vqc.com>
Date: Thu, 08 Aug 2019 18:58:54 -0400
Message-id: <[🔎] 1565305134.16693.0.camel@k4vqc.com>
In-reply-to: <[🔎] 20190808192028.vu2hwb7rmt7eiiw2@basil.wdw>
References: <[🔎] 20190808192028.vu2hwb7rmt7eiiw2@basil.wdw>

On Thu, 2019-08-08 at 15:20 -0400, Marvin Renich wrote:
> This is related to the thread Generating new IDs for cloning, but is
> probably OT for this list.  I guess this is really a question for
> systemd maintainers?  Should I file a bug?
> 
> The man page for machine-id says:
> 
>   This ID uniquely identifies the host. It should be considered
>   "confidential", and must not be exposed in untrusted environments, in
>   particular on the network.
> 
> Why is the file mode 0666?  Does it need to be non-root readable? 

Mine is 0444, so that Chrome can read it.  /s

-Jim P.

Reply to:

References:
- [OT] /etc/machine-id "must not be exposed in untrusted environments"
  - From: Marvin Renich <mrvn@renich.org>

Prev by Date: Re: duplicate popularity-contest ID
Next by Date: Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"
Previous by thread: Re: [OT] /etc/machine-id "must not be exposed in untrusted environments"
Next by thread: Bypassing the 2/3/4GB virtual memory space on 32-bit ports
Index(es):
- Date
- Thread