From 980485c46c2d0fab48410dc5aedb1a2fafa40a34 Mon Sep 17 00:00:00 2001 From: Till Brehm <tbrehm@ispconfig.org> Date: Fri, 17 Oct 2014 06:04:41 -0400 Subject: [PATCH] Fixed: FS#3696 - Interface SSL keys should be owned by root - Improved postfix SSL configuration to protect against poodle attack. --- install/dist/lib/gentoo.lib.php | 2 ++ 1 files changed, 2 insertions(+), 0 deletions(-) diff --git a/install/dist/lib/gentoo.lib.php b/install/dist/lib/gentoo.lib.php index 005a2fc..3eebf91 100644 --- a/install/dist/lib/gentoo.lib.php +++ b/install/dist/lib/gentoo.lib.php @@ -962,6 +962,8 @@ exec('chmod -R 770 '.escapeshellarg($install_dir.'/interface/invoices')); exec('chown -R ispconfig:ispconfig '.escapeshellarg($install_dir.'/interface/invoices')); } + + exec('chown -R root:root /usr/local/ispconfig/interface/ssl'); // TODO: FIXME: add the www-data user to the ispconfig group. This is just for testing // and must be fixed as this will allow the apache user to read the ispconfig files. -- Gitblit v1.9.1