Starting radius issue - configuration files globaly readable.

Peter Nixon listuser at
Fri Feb 9 09:07:50 CET 2007

On Thu 08 Feb 2007 13:58, Alan DeKok wrote:
> tzieleniewski wrote:
> > Hi!
> >
> > I have just compiled the latest CVS and whenever I try to start radius I
> > get the following info: Configuration file
> > /home/radius/freeradius/raddb/radiusd.conf is globally readable.
> >
> > This is because I use the symbolic links to files. Can this restriction
> > be somehow  removed??
>   Edit the source code.
>   I will likely be updating the checks to be a little smarter than what
> they are right now.  But having the config files globally readable means
>  that anyone can pretend to be the RADIUS server.

I have to say that this caught me out also when I upgraded one of my radius 
servers yesterday. My spec files had radiusd.conf as world readable, but 
clients.conf and sql.conf etc (everything with passwords in them) as only 
radiusd group readable.

Next time you make a change like this can you give a heads up to 
packagers? :-)

It still might be worth notifying the debian guys etc...



Peter Nixon
PGP Key:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the Freeradius-Users mailing list