Anchor server is saving all generated certificates
Bug #1491069 reported by
Michael Xin
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| Anchor |
Invalid
|
Undecided
|
Tim Kelsey | ||
Bug Description
In current implementation, Anchor server is storing all generated certificates under certs/ directory. This is at the risk of information leakage:
For example,
2015-09-01 11:08:38,863 DEBUG [anchor.
2015-09-01 11:08:38,880 INFO [anchor.
2015-09-01 11:08:38,911 INFO [anchor.
2015-09-01 11:08:38,919 INFO [wsgi][
| Changed in anchor: | |
| assignee: | nobody → Tim Kelsey (tim-kelsey) |
Revision history for this message
| Tim Kelsey (tim-kelsey) wrote | #1 |
| Changed in anchor: | |
| status: | New → Invalid |
Revision history for this message
| Stanislaw Pitucha (stanislaw-pitucha) wrote | #2 |
To post a comment you must log in.
this is old behaviour, the latest version will only save certificates if an explicit output path is given. While there seems to be no valid situation (other than debugging) to save the certs locally, im going to leave this code incase I'm missing something.