[pkg-wpa-devel] Bug#428620: Conflicting advice regarding security
Loye Young
loyeyoung at homer.iycc.biz
Wed Jun 13 00:24:05 UTC 2007
Package: wpasupplicant
Version: 0.5.7
/usr/share/doc/wpasupplicant/README.modes.gz advises (waaayyyyy down at the bottom) to set permissions to 0600 for both /etc/network/interfaces and /etc/wpa_supplicant/wpa_supplicant.conf.
/usr/share/doc/wpasupplicant/examples/README.wpa_supplicant.conf.gz advises that by setting GROUP=wheel, non-root users can use the control interface, but wpa_supplicant can run as root. However, if wpa_supplicant.conf is 0600, only root can read the file and client apps fail because they cannot read configuration file.
Would it make sense to:
chmod root:wheel wpa_supplicant.conf
chmod 0660 wpa_supplicant.conf
by default?
Happy Trails,
Loye Young
http://www.iycc.biz
Laredo, Texas
More information about the Pkg-wpa-devel
mailing list