[Bug 272902] Security: allow passphrases for WPA-EAP to be saved without using clear text

In reply to: bugzilla-noreply_a_freebsd.org: "[Bug 272902] Security: allow passphrases for WPA-EAP to be saved without using clear text in a world-readable file"
Go to: [ bottom of page ] [ top of archives ] [ this month ]

From: <bugzilla-noreply_at_freebsd.org>
Date: Sat, 11 Jan 2025 16:21:16 UTC

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=272902

Graham Perrin <grahamperrin@gmail.com> changed:

           What    |Removed                     |Added
----------------------------------------------------------------------------
           Severity|Affects Only Me             |Affects Some People
          Component|kern                        |conf
            Summary|Security: allow passphrases |Security: allow passphrases
                   |for WPA-EAP to be saved     |for WPA-EAP to be saved
                   |without using clear text in |without using clear text
                   |a world-readable file       |

--- Comment #2 from Graham Perrin <grahamperrin@gmail.com> ---
Cross-reference:
<https://lists.freebsd.org/archives/freebsd-desktop/2025-January/005289.html> |
<https://mail-archive.freebsd.org/cgi/mid.cgi?07e6179b-00de-4eeb-8282-527b477fdccc>

----

Re: comment 0

> world-readable

I have no idea how /etc/wpa_supplicant.conf became world-readable in my case.
It's no longer so open: 

grahamperrin:~ % ls -hl /etc/wpa_supplicant.conf 
-rw-------  1 root wheel  1.4K 12 Dec 09:21 /etc/wpa_supplicant.conf
grahamperrin:~ % 

I see: 

chmod 0600 $BSDINSTALL_TMPETC/wpa_supplicant.conf

– in 2011 at
<https://github.com/freebsd/freebsd-src/commit/2118f3873fdc9d9a08978465a3173b755f0d5e61#diff-cf165779f2234129b5397bcadca5c6c7a1e6970691d807de529654726cfe8df9R30>,
if that's relevant.

-- 
You are receiving this mail because:
You are the assignee for the bug.