jrossi
commented
10 years ago It is verified that client.keys is indeed readable by ordinary users. May want to check "ui/os_win32ui.c"
Note: This comment has been automatically migrated from Bitbucket Created by ossec on 2013-10-19 00:32:54+00:00
On Windows 7 (and probably other Windows platforms), client.keys and some other files are readable by ordinary users. This exposes sensitive information, such as the encryption key, to those that may not be authorized. We should review the permissions for all files in this directory to make sure they are appropriate.
Note: This issue has been automatically migrated from Bitbucket Created by mstarks01 on 2013-08-13 16:55:05+00:00, last updated: 2013-10-19 00:32:54+00:00