kairoaraujo / goca

Golang Certificate Authority (CA) package
MIT License

chown the private key 0600 before writing to disk #7

Closed necheffa closed 2 years ago

necheffa commented 2 years ago

When saving a new RSA key to disk (key.pem), goca defaults to 0644 Unix permissions on the file. This is undesirable since this makes the private key readable to any user with shell access to the local system.

This change sets the permissions of the key.pem file to 0600 after the file is created but before the byte slice containing the RSA private key is written to disk.
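The ordering described above, as an added example that is not part of the pull request or goca's code: `writeKeyFile` is a hypothetical helper, and the temporary directory and throwaway key are constructed for the demonstration.

```go
package main

import (
	"crypto/rand"
	"crypto/rsa"
	"crypto/x509"
	"encoding/pem"
	"fmt"
	"os"
	"path/filepath"
)

// writeKeyFile (hypothetical name, not goca's API) creates the file,
// restricts it to 0600 while it is still empty, then writes the key bytes.
func writeKeyFile(path string, keyPEM []byte) error {
	f, err := os.Create(path) // mode is 0666 minus umask, typically 0644
	if err != nil {
		return err
	}
	defer f.Close()
	if err := f.Chmod(0600); err != nil { // owner read/write only
		return err
	}
	_, err = f.Write(keyPEM)
	return err
}

func main() {
	key, err := rsa.GenerateKey(rand.Reader, 2048) // throwaway key for the demo
	if err != nil {
		panic(err)
	}
	keyPEM := pem.EncodeToMemory(&pem.Block{Type: "RSA PRIVATE KEY", Bytes: x509.MarshalPKCS1PrivateKey(key)})
	dir, err := os.MkdirTemp("", "goca-example")
	if err != nil {
		panic(err)
	}
	defer os.RemoveAll(dir)
	path := filepath.Join(dir, "key.pem")
	if err := writeKeyFile(path, keyPEM); err != nil {
		panic(err)
	}
	info, err := os.Stat(path)
	if err != nil {
		panic(err)
	}
	fmt.Printf("key.pem mode: %04o\n", info.Mode().Perm())
}
```

The explicit `Chmod` also tightens a pre-existing `key.pem` that `os.Create` merely truncates, which a mode argument applied only at creation time would not do.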

necheffa commented 2 years ago

@kairoaraujo Hey, no problem. I added commit 69554fe to enhance the existing test suite to cover this.

kairoaraujo commented 2 years ago

Thank you @necheffa !