Am Donnerstag, den 12.02.2009, 16:44 +0100 schrieb Scott Robbins: > On Thu, Feb 12, 2009 at 10:23:01AM -0500, R P Herrold wrote: > > On Wed, 11 Feb 2009, Scott Robbins wrote: > > > > > I have put the article on the wiki at > > > http://wiki.centos.org/HowTos/vpnc > > > > The article asserts clear packaging permissions problems > > exist. Have these been upstreamed? > > By upstream do you mean the source code itself? > > The program built from source doesn't have that issue. On the other > hand, without trying to read Dag's mind, I simply guessed that it was > either minor oversight or a small additional securiy layer. (Assuming > it is Dag who created the rpm, which is a casual assumption on my part.) > > Thanks. > The permissions on the files in dags RPM: rpm -qlvp vpnc-0.5.3-1.el5.rf.i386.rpm [...] -rw------- 1 root root 157 Jan 19 16:35 /etc/vpnc/vpnc.conf -rw------- 1 root root 14995 Jan 19 16:35 /etc/vpnc/vpnc-script I assume 600,root,root is ok for the config file, or do you really need 700 as the article indicates? I will update the permissions of vpnc-script to be 700 Chris financial.com AG Munich head office/Hauptsitz München: Maria-Probst-Str. 19 | 80939 München | Germany Frankfurt branch office/Niederlassung Frankfurt: Messeturm | Friedrich-Ebert-Anlage 49 | 60327 Frankfurt | Germany Management board/Vorstand: Dr. Steffen Boehnert (CEO/Vorsitzender) | Dr. Alexis Eisenhofer | Dr. Yann Samson | Matthias Wiederwach Supervisory board/Aufsichtsrat: Dr. Dr. Ernst zur Linden (chairman/Vorsitzender) Register court/Handelsregister: Munich – HRB 128 972 | Sales tax ID number/St.Nr.: DE205 370 553