Skip to content
Commit 3b061a00 authored by Rich Salz's avatar Rich Salz Committed by Rich Salz
Browse files

RT2547: Tighten perms on generated privkey files



When generating a private key, try to make the output file be readable
only by the owner.  Put it in CHANGES file since it might be noticeable.

Add "int private" flag to apps that write private keys, and check that it's
set whenever we do write a private key.  Checked via assert so that this
bug (security-related) gets fixed.  Thanks to Viktor for help in tracing
the code-paths where private keys are written.

Reviewed-by: default avatarViktor Dukhovni <viktor@openssl.org>
parent d31fb0b5
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment