thr3ads.net - Nut upsuser - [Nut-upsuser] /etc/pki/nssdb is world readable complaint [Dec 2022]

If this information is useful, please help other people find it:
Share via:

Orion Poplawski

2022-Dec-29 17:11 UTC

[Nut-upsuser] /etc/pki/nssdb is world readable complaint

nut-server/upsd complains that /etc/pki/nssdb is world readable. 
However, this is the standard configuration (RedHat/Ubuntu).  If keys 
are present they should be protected by a pin/password.

-- 
Orion Poplawski
he/him/his  - surely the least important thing about me
IT Systems Manager                         720-772-5637
NWRA, Boulder/CoRA Office             FAX: 303-415-9702
3380 Mitchell Lane                       orion at nwra.com
Boulder, CO 80301                 https://www.nwra.com/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/pkcs7-signature
Size: 3847 bytes
Desc: S/MIME Cryptographic Signature
URL:
<http://alioth-lists.debian.net/pipermail/nut-upsuser/attachments/20221229/5df15b0a/attachment-0001.bin>

Greg Troxel

2022-Dec-29 17:51 UTC

head link

[Nut-upsuser] /etc/pki/nssdb is world readable complaint

Orion Poplawski via Nut-upsuser <nut-upsuser at alioth-lists.debian.net>
writes:
> nut-server/upsd complains that /etc/pki/nssdb is world readable. 
> However, this is the standard configuration (RedHat/Ubuntu).
did upsd complain, or some library it includes?  It seems possiblethe
issue is not really a nut one.


> If keys are present they should be protected by a pin/password.
I suspect opinions differ and  many think a file which could have keys
should not be readable.

Nut upsuser - Dec 2022 - /etc/pki/nssdb is world readable complaint

[Nut-upsuser] /etc/pki/nssdb is world readable complaint

[Nut-upsuser] /etc/pki/nssdb is world readable complaint