[Samba] file rights tls key files.
Rowland penny
rpenny at samba.org
Fri Apr 15 09:05:52 UTC 2016
On 15/04/16 09:09, L.P.H. van Belle wrote:
> Hai,
>
>
>
> Im seeing the following..
>
>
>
> [2016/04/15 09:57:55.135038, 0] ../source4/lib/tls/tls_tstream.c:1216(tstream_tls_params_server)
>
> Invalid permissions on TLS private key file 'server.key.pem':
>
> owner uid 0 should be 0, mode 0440 should be 0600
>
> This is known as CVE-2013-4476.
>
>
>
> It there anyway to override this setting? I do need 0440 here. ( or 0400 )
>
> 0600 is not needed imo.
>
>
Hi Louis, I don't think so, see here:
https://www.samba.org/samba/security/CVE-2013-4476.html
Why do you want '-r--r-----' on the key ?
What is wrong with '-rw------' ?
Rowland
More information about the samba
mailing list