Skip to content

/etc/yggdrasil.conf has bad file permissions when installed via Debian package #697

New issue
New issue
Open
Open
/etc/yggdrasil.conf has bad file permissions when installed via Debian package#697
Labels
linuxOperating system-specificpackagingRelated to packaging, rather than Yggdrasil itself
@ghost

Description

@ghost
ghost
opened on May 23, 2020

When you first install yggdrasil on Debian machines, /etc/yggdrasil.conf gives read permissions for other (u=rw,og=r) which is default umask.

This is not ideal because the main advantage of yggdrasil is end-to-end encryption and confidentiality. So this flaw makes it really easy for people to decrypt your traffic and impersonate you.

To fix this you could execute:
yggdrasil -genconf | dash -c "mv /etc/yggdrasil.conf /etc/yggdrasil.conf.bak && umask 0037 && cat - > /etc/yggdrasil.conf && chgrp yggdrasil /etc/yggdrasil.conf"

This will backup former configuration and create a new secure configuration file.

Metadata

Metadata

Assignees

No one assigned

    Labels

    linuxOperating system-specificpackagingRelated to packaging, rather than Yggdrasil itself

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions