authkeys file need not be 0700...

0600 is sufficient. Caught by Christoph. I don't actually think there is any possibility of this being used to attack gitolite but it's just a 1-bit change :) ref: https://groups.google.com/forum/#!topic/gitolite/C_kzny--yP8
aidim78 · Feb 21, 2015 · 78fc240 · 78fc240
1 parent 9cd1e37
commit 78fc240
Showing 1 changed file with 1 addition and 1 deletion.
diff --git a/src/triggers/post-compile/ssh-authkeys b/src/triggers/post-compile/ssh-authkeys
@@ -82,7 +82,7 @@ sub sanity {
     _mkdir( $akdir, 0700 ) if not -d $akdir;
     if ( not -f $akfile ) {
         _print( $akfile, "" );
-        chmod 0700, $akfile;
+        chmod 0600, $akfile;
     }
 }