Starting radius issue - configuration files globaly readable.
Alan DeKok
aland at deployingradius.com
Fri Feb 9 11:25:36 CET 2007
Peter Nixon wrote:
> I have to say that this caught me out also when I upgraded one of my radius
> servers yesterday. My spec files had radiusd.conf as world readable, but
> clients.conf and sql.conf etc (everything with passwords in them) as only
> radiusd group readable.
>
> Next time you make a change like this can you give a heads up to
> packagers? :-)
OK. In somewhat of a defense, there's no official release based on
that code yet.
I'm going to update the checks to make them a little less restrictive.
${raddb} should be o-rwx. Any files within ${raddb} can have any
permission they want.
Sound OK?
Alan DeKok.
--
http://deployingradius.com - The web site of the book
http://deployingradius.com/blog/ - The blog
More information about the Freeradius-Users
mailing list