diff options
| author | Gilles Chehade <gilles@cvs.openbsd.org> | 2015-12-12 18:30:40 +0000 |
|---|---|---|
| committer | Gilles Chehade <gilles@cvs.openbsd.org> | 2015-12-12 18:30:40 +0000 |
| commit | 243a3ba5d643de99a469c926410dc267093dd339 (patch) | |
| tree | a2eecb8981440b14f00a3ffa7500970de49aa732 | |
| parent | 7b2dccf77be63086a3f7f285f03950c44107cc6c (diff) | |
do not prevent group from reading key, it prevents a certificate from
being shared between smtpd and another daemon
| -rw-r--r-- | usr.sbin/smtpd/ssl.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/usr.sbin/smtpd/ssl.c b/usr.sbin/smtpd/ssl.c index 9a70718b6ed..f9f7ce4f800 100644 --- a/usr.sbin/smtpd/ssl.c +++ b/usr.sbin/smtpd/ssl.c @@ -1,4 +1,4 @@ -/* $OpenBSD: ssl.c,v 1.82 2015/12/12 17:16:56 gilles Exp $ */ +/* $OpenBSD: ssl.c,v 1.83 2015/12/12 18:30:39 gilles Exp $ */ /* * Copyright (c) 2008 Pierre-Yves Ritschard <pyr@openbsd.org> @@ -314,7 +314,7 @@ ssl_load_keyfile(struct pki *p, const char *pathname, const char *pkiname) { char pass[1024]; - p->pki_key = ssl_load_key(pathname, &p->pki_key_len, pass, 0700, pkiname); + p->pki_key = ssl_load_key(pathname, &p->pki_key_len, pass, 0740, pkiname); if (p->pki_key == NULL) return 0; return 1; |