Starting radius issue - configuration files globaly readable.

Peter Nixon listuser at
Fri Feb 9 20:24:04 CET 2007

On Fri 09 Feb 2007 12:25, Alan DeKok wrote:
> Peter Nixon wrote:
> > I have to say that this caught me out also when I upgraded one of my
> > radius servers yesterday. My spec files had radiusd.conf as world
> > readable, but clients.conf and sql.conf etc (everything with passwords
> > in them) as only radiusd group readable.
> >
> > Next time you make a change like this can you give a heads up to
> > packagers? :-)
>   OK.  In somewhat of a defense, there's no official release based on
> that code yet.
>   I'm going to update the checks to make them a little less restrictive.
>  ${raddb} should be o-rwx.  Any files within ${raddb} can have any
> permission they want.
>   Sound OK?

0750 for the dirs and 0640 for the files is a pretty reasonable set of 
permissions in my opinion...


Peter Nixon
PGP Key:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 189 bytes
Desc: not available
URL: <>

More information about the Freeradius-Users mailing list