possible CVE request: opendnssec and softhsm permission issue

[Murray McAllister <mmcallis () redhat com>]

Good morning,

Not sure if this requires a CVE. 
https://bugzilla.redhat.com/show_bug.cgi?id=1098188 notes some 
permission errors for files in /var/softhsm/ and /var/opendnssec/

Two notes:

1) after installing those packages on Fedora 20, the directory 
permissions for those directories is mode 770 root:ods, so an 
unprivileged user cannot go in there.

2) the proposed fix in the Red Hat bug is about making certain files 
owned by "ods" instead of "root". It does not mention removing read 
permissions for other users.

I do not see a leak here, but am not familiar with opendnssec and softhsm.

It may have been filed as a security issue here due to 
https://issues.opendnssec.org/browse/SUPPORT-136 (as noted in the bug). 
I'll mail about that one shortly.

Thanks,

--
Murray McAllister / Red Hat Product Security