[net-snmp] set permissions of snmpd.conf and snmptrapd conf to 0600
Jan Šafránek
jsafrane at fedoraproject.org
Thu Jun 27 14:42:08 UTC 2013
commit 6a047feb6eba6753e62ab84de65cc5eb4530ef0b
Author: Jan Safranek <jsafrane at redhat.com>
Date: Thu Jun 27 16:41:42 2013 +0200
set permissions of snmpd.conf and snmptrapd conf to 0600
net-snmp.spec | 10 +++++++---
1 files changed, 7 insertions(+), 3 deletions(-)
---
diff --git a/net-snmp.spec b/net-snmp.spec
index b0e3201..1725b9e 100644
--- a/net-snmp.spec
+++ b/net-snmp.spec
@@ -11,7 +11,7 @@
Summary: A collection of SNMP protocol tools and libraries
Name: net-snmp
Version: 5.7.2
-Release: 12%{?dist}
+Release: 13%{?dist}
Epoch: 1
License: BSD
@@ -423,8 +423,8 @@ rm -rf ${RPM_BUILD_ROOT}
%doc README.thread AGENT.txt PORTING local/README.mib2c
%doc IETF-MIB-LICENSE.txt
%dir %{_sysconfdir}/snmp
-%config(noreplace) %{_sysconfdir}/snmp/snmpd.conf
-%config(noreplace) %{_sysconfdir}/snmp/snmptrapd.conf
+%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/snmp/snmpd.conf
+%config(noreplace) %attr(0600,root,root) %{_sysconfdir}/snmp/snmptrapd.conf
%{_bindir}/snmpconf
%{_bindir}/net-snmp-create-v3-user
%{_sbindir}/*
@@ -505,6 +505,10 @@ rm -rf ${RPM_BUILD_ROOT}
%{_initrddir}/snmptrapd
%changelog
+* Thu Jun 27 2013 Jan Safranek <jsafrane at redhat.com> - 1:5.7.2-13
+- set permissions of snmpd.conf and snmptrapd conf to 0600 to prevent
+ users from reading passwords and community strings.
+
* Tue May 21 2013 Jan Safranek <jsafrane at redhat.com> - 1:5.7.2-12
- added btrfs support to hrFSTable (#965348)
More information about the scm-commits
mailing list