From owner-freebsd-hackers@FreeBSD.ORG  Thu Jul 21 07:45:36 2005
Return-Path: <owner-freebsd-hackers@FreeBSD.ORG>
X-Original-To: hackers@freebsd.org
Delivered-To: freebsd-hackers@FreeBSD.ORG
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id E824A16A41F
	for <hackers@freebsd.org>; Thu, 21 Jul 2005 07:45:36 +0000 (GMT)
	(envelope-from freebsd@rea.mbslab.kiae.ru)
Received: from rea.mbslab.kiae.ru (rea.mbslab.kiae.ru [144.206.177.25])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 82ABA43D46
	for <hackers@freebsd.org>; Thu, 21 Jul 2005 07:45:36 +0000 (GMT)
	(envelope-from freebsd@rea.mbslab.kiae.ru)
Received: by rea.mbslab.kiae.ru (Postfix, from userid 1000)
	id 170FBBC70; Thu, 21 Jul 2005 11:45:35 +0400 (MSD)
Date: Thu, 21 Jul 2005 11:45:35 +0400
From: "Eygene A. Ryabinkin" <freebsd@rea.mbslab.kiae.ru>
To: Peter Jeremy <PeterJeremy@optushome.com.au>
Message-ID: <20050721074535.GX57786@rea.mbslab.kiae.ru>
References: <20050714101442.GI16608@rea.mbslab.kiae.ru>
	<20050721073440.GA324@cirb503493.alcatel.com.au>
Mime-Version: 1.0
Content-Type: text/plain; charset=koi8-r
Content-Disposition: inline
In-Reply-To: <20050721073440.GA324@cirb503493.alcatel.com.au>
User-Agent: Mutt/1.5.9i
Cc: hackers@freebsd.org
Subject: Re: /etc/opiekeys permissions?
X-BeenThere: freebsd-hackers@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Technical Discussions relating to FreeBSD
	<freebsd-hackers.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>, 
	<mailto:freebsd-hackers-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-hackers>
List-Post: <mailto:freebsd-hackers@freebsd.org>
List-Help: <mailto:freebsd-hackers-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-hackers>,
	<mailto:freebsd-hackers-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 21 Jul 2005 07:45:37 -0000

> Since an OPIE password can only be used once, any program that uses OPIE
> needs to be able to read and write /etc/opiekeys.  There is no valid reason
> for a program to just want to read the file.
 Good point. I've missed it. Thanks.

 So, the arguments for permissions 0600 instead of 0644 are getting stronger.
Probably I should make a PR?
-- 
 rea