From: Rob M. <rob...@gm...> - 2010-04-19 11:56:49
On Mon, Apr 19, 2010 at 09:04, Matthias Andree <mat...@gm...> wrote:
>
> The two poll questions are:
>
> (1) Should fetchmail add the default OpenSSL certificate locations even if
> you specify --sslcertfile or --sslcertpath? You will be able to choose the
> other behaviour by setting an environment variable (I don't plan to add yet
> another option). Optional: why?
> Explanation:
> - yes means that fetchmail would look into the OpenSSL default locations
> AND additionally into those you specify. From a usability point of view this
> option is preferred, because Linux, *BSD and other distributions will often
> run c_rehash on the system directories automatically, so that this can mask
> the user's forgetting to run c_rehash.
> - no means that fetchmail will only look into those you specify. If neither
> of these two options are present, fetchmail will instead look into the
> OpenSSL default places. This is preferable from a security point of view, to
> only look into specified locations in order to be as mistrustful as
> possible.

No (or at least if yes then no should be the default - a secure
solution by default is IMO preferable)

I'd suggest that when running fetchmail with one of the ssl options
then a message should be printed or logged reminding people to run
c_rehash (with a link to a document providing details of when to do
that).

> (2) If you answered the previous one with "yes", should the fetchmail or the
> OpenSSL directories be checked first?

OpenSSL directories first (just as with a path the user's directories
should be last so that you can't trivially get people to run your
version of "ls").

--
Please keep list traffic on the list.

Rob MacGregor
Whoever fights monsters should see to it that in the process he
doesn't become a monster. Friedrich Nietzsche
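The c_rehash reminder discussed in the message above, as an added example that is not part of the original post and is not fetchmail code: it reports certificate files in a directory of the kind passed to --sslcertpath that have no hash-named link, which is the situation the system directories would mask. The function names, the file extensions and the sample directory contents are assumptions made for the example.

```python
import os
import re
import tempfile

# OpenSSL finds certificates in a CA directory by subject-hash file name:
# eight hex digits, a dot and a sequence number (c_rehash creates these links).
HASH_NAME = re.compile(r"^[0-9a-f]{8}\.\d+$")
CERT_SUFFIXES = (".pem", ".crt", ".cer")  # assumption: common certificate extensions


def unhashed_certs(certdir):
    """Return certificate files in certdir that no hash-named entry points to."""
    entries = sorted(os.listdir(certdir))
    reachable = set()
    for name in entries:
        path = os.path.join(certdir, name)
        if HASH_NAME.match(name) and os.path.exists(path):  # skips dangling links
            reachable.add(os.path.realpath(path))
    missing = []
    for name in entries:
        path = os.path.join(certdir, name)
        if HASH_NAME.match(name) or not name.lower().endswith(CERT_SUFFIXES):
            continue
        if os.path.isfile(path) and os.path.realpath(path) not in reachable:
            missing.append(name)
    return missing


def reminder(certdir):
    """Build a warning of the kind suggested in the message, or None if not needed."""
    missing = unhashed_certs(certdir)
    if not missing:
        return None
    return "%s: %d certificate(s) without a hash link (%s); run c_rehash %s" % (
        certdir, len(missing), ", ".join(missing), certdir)


def demo():
    """Constructed sample directory: one linked certificate, one forgotten."""
    d = tempfile.mkdtemp()
    for name in ("mailhost-ca.pem", "new-ca.pem"):
        with open(os.path.join(d, name), "w") as f:
            f.write("constructed placeholder, not a real certificate\n")
    # The hash value is made up for the sample; c_rehash computes the real one.
    os.symlink("mailhost-ca.pem", os.path.join(d, "0123abcd.0"))
    return d, unhashed_certs(d), reminder(d)


if __name__ == "__main__":
    print(demo()[2])
```

The check only looks at link structure: it does not verify that a link's name matches the certificate's actual subject hash, and it does not recognise a hash-named copy of a certificate as covering the original file.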