Questions regarding WKD/WKS
Bruce Walzer
bwalzer at 59.ca
Sat Dec 3 23:54:18 CET 2022
On Thu, Dec 01, 2022 at 02:45:33PM +0100, Andreas Heinlein via Gnupg-users wrote:
> Hello,
>
> I am trying to implement WKD/WKS and followed the tutorial here:
> https://wiki.gnupg.org/WKS
>
> I have a few questions:
>
> 1. If I follow the guidelines for creating the directory
> /var/lib/gnupg/wkd, it has ownership webkey:webkey and permissions
> 2750. So there ist no chance for the apache user to be able to read
> anything within that directory. I could solve that by adding the
> apache user to the webkey group. Is that the intended solution?
That is from this part:
mkdir /var/lib/gnupg/wks
chown webkey:webkey /var/lib/gnupg/wks
chmod 2750 /var/lib/gnupg/wks
That doesn't make sense to me. I think this might count as a
documentation bug. The original author probably wanted to leave the
directory sticky instead. At any rate, the web server needs access to
this directory. Something like adding the apache user to the webkey
group sounds like a reasonable approach.
Bruce
More information about the Gnupg-users
mailing list