OpenSolaris

Bug ID: 6614741
Synopsis: keying material with insecure permissions should not be trusted
State: 10-Fix Delivered (Fix available in build)
Category:Subcategory: network:ipsec
Keywords:
Responsible Engineer: Paul Wernau
Reported Against:
Duplicate Of:
Introduced In: solaris_9
Commit to Fix: snv_77
Fixed In: snv_77
Release Fixed: solaris_nevada(snv_77), solaris_10u7(s10u7_02) (Bug ID:2168204)
Related Bugs:
Submit Date: 9-October-2007
Last Update Date: 8-November-2007
Description
Private key files and PKCS#11 hint files are created with root-only read/write permissions.  These files should be checked for proper permissions before they are read in.  A world-writable file, for instance, could hold a compromised key and should not be trusted.

The same is true for any input file for ipseckey(1m).  An input file readable by anyone other than root exposes the actual keys to the world.
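One way to perform the check described above, as an added example that is not the Solaris fix or code from this bug report. The helper `open_trusted_key`, the `key_check` enum and the policy of rejecting any group or other permission bit are assumptions made for illustration.

```c
#ifndef _POSIX_C_SOURCE
#define _POSIX_C_SOURCE 200809L   /* for O_NOFOLLOW */
#endif
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <sys/types.h>
#include <unistd.h>

enum key_check { KEY_OK, KEY_OPEN_FAILED, KEY_NOT_REGULAR, KEY_BAD_OWNER, KEY_BAD_MODE };

/*
 * Hypothetical helper: open a key file and decide whether to trust it.
 * On KEY_OK, *fd_out is an open read-only descriptor for the checked file.
 */
enum key_check open_trusted_key(const char *path, uid_t owner, int *fd_out)
{
    struct stat st;
    enum key_check rc = KEY_OK;
    /* Open first, then fstat() the descriptor, so the file checked is the file read. */
    int fd = open(path, O_RDONLY | O_NOFOLLOW | O_NONBLOCK);

    *fd_out = -1;
    if (fd < 0)
        return KEY_OPEN_FAILED;          /* missing, unreadable, or a symlink */
    if (fstat(fd, &st) != 0)
        rc = KEY_OPEN_FAILED;
    else if (!S_ISREG(st.st_mode))
        rc = KEY_NOT_REGULAR;
    else if (st.st_uid != owner)
        rc = KEY_BAD_OWNER;              /* not owned by the expected user */
    else if (st.st_mode & (S_IRWXG | S_IRWXO))
        rc = KEY_BAD_MODE;               /* group/other access: writable or exposed */
    if (rc != KEY_OK) {
        close(fd);
        return rc;
    }
    *fd_out = fd;
    return KEY_OK;
}

int main(int argc, char **argv)
{
    int fd;
    if (argc != 2)
        return 2;
    /* Owner 0 = root, matching the root-only files in the description. */
    enum key_check rc = open_trusted_key(argv[1], 0, &fd);
    printf("%s: %s\n", argv[1], rc == KEY_OK ? "trusted" : "rejected");
    return rc == KEY_OK ? 0 : 1;
}
```

The caller reads the key from the returned descriptor rather than reopening the path, so the permissions that were checked belong to the file that is actually parsed.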
Work Around
N/A
Comments
N/A