Open csterling opened 4 years ago
Tokens are currently stored in plain-text on disk. Anyone who gains access to the token can authenticate as the user.
Investigate ways of shoring up this problem.
A simple measure would be to ensure that the parent directory (on Linux) has 0700 as octal permissions and 0600 on the file itself (like $HOME/.ssh).
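One way to apply the 0700/0600 measure suggested above, shown as an added example rather than code from this project: the token is written owner-only from the moment the file is created, and refused on load if the layout has drifted. The function names and the dedicated token directory are assumptions, and the code is POSIX-only.

```python
import os
import stat
import tempfile

DIR_MODE = 0o700   # owner-only directory, as for $HOME/.ssh
FILE_MODE = 0o600  # owner read/write only


def save_token(path, token):
    """Write the token without it ever being readable by group or other."""
    parent = os.path.dirname(os.path.abspath(path))
    os.makedirs(parent, mode=DIR_MODE, exist_ok=True)
    # makedirs honours the umask and leaves an existing directory untouched,
    # so set the mode explicitly (assumes a directory dedicated to the token).
    os.chmod(parent, DIR_MODE)
    # mkstemp creates the file with mode 0600; the rename is atomic.
    fd, tmp = tempfile.mkstemp(dir=parent)
    try:
        with os.fdopen(fd, "w") as handle:
            handle.write(token)
        os.replace(tmp, path)
    except BaseException:
        os.unlink(tmp)
        raise


def permission_problems(path):
    """Return a list of findings; an empty list means the layout is strict enough."""
    problems = []
    parent = os.path.dirname(os.path.abspath(path))
    for target, allowed in ((parent, DIR_MODE), (path, FILE_MODE)):
        info = os.lstat(target)  # lstat: do not follow a symlink planted at the path
        if stat.S_ISLNK(info.st_mode):
            problems.append(f"{target} is a symlink")
            continue
        if info.st_uid != os.getuid():
            problems.append(f"{target} is owned by uid {info.st_uid}")
        mode = stat.S_IMODE(info.st_mode)
        if mode & ~allowed:
            problems.append(f"{target} has mode {mode:04o}, wider than {allowed:04o}")
    return problems


def load_token(path):
    """Read the token, refusing if the file or its directory is too permissive."""
    problems = permission_problems(path)
    if problems:
        raise PermissionError("; ".join(problems))
    with open(path) as handle:
        return handle.read()
```

This keeps other local accounts away from the file; the token itself is still stored unencrypted, which is the part the issue leaves open.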