File permissions for ed25519 don't match those of rsa type keys
Bug #1857827 reported by
Patrick Ben Koetter
on 2019-12-29
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| | dkimpy |
High
|
Scott Kitterman | ||
Bug Description
Upon creation dknewkey creates key files with permissions 0600 for rsa type keys, but with 0644 permission for ed25519 keys. I believe it should be 0600 in all cases.
| Scott Kitterman (kitterman) wrote : | #2 |
Thanks. The difference is that for RSA, openssl is writing the file and dknewkey is doing it itself for ed25519. I agree. This should be easy enough to fix.
| Changed in dkimpy: | |
| assignee: | nobody → Scott Kitterman (kitterman) |
| importance: | Undecided → High |
| milestone: | none → 1.0.2 |
| status: | New → Triaged |
Scott Kitterman (kitterman)
on 2019-12-31
| Changed in dkimpy: | |
| status: | Triaged → Won't Fix |
| status: | Won't Fix → Fix Committed |
| Scott Kitterman (kitterman) wrote : | #3 |
2019-12-31 Version 1.0.2
- dknewkey: On posix operating systems set file permissions to 600 for
ed25519 private key files (as is already done for RSA) (LP: #1857827)
- Update documentation URL in README.md
- Set minimum dnspython version to 1.16 because previous versions can not
support the timeout parameter (LP: #1856546)
| Changed in dkimpy: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
dknewkey is actually part of dkimpy, not the milter package. Reassigning.