Eygene A. Ryabinkin
freebsd at rea.mbslab.kiae.ru
Thu Jul 14 10:14:45 GMT 2005
Playing with OPIE I've noticed that the /etc/opiekeys have mode 644. As I
remember there was a vulnurability related to this permissions for S/Key. But
at that times that file was named /etc/skeykeys and it was created with
permissions 600, so FreeBSD was not vulnerable to the disctionary attack.
But now it seems to be vulnurable again. Are there any programs that are
run in non-root mode and they do want to use OPIE? If there is no such
programs, why the permissions are so strange?
More information about the freebsd-hackers