[gnutls-help] gnutls_session_get_master_secret

Nikos Mavrogiannopoulos nmav at gnutls.org
Sun Apr 21 09:14:13 CEST 2019


On Thu, Apr 18, 2019 at 10:27 AM Jeremy Harris <jgh at wizmail.org> wrote:
>
> On 18/04/2019 07:19, Nikos Mavrogiannopoulos wrote:
> >>> Use the SSLKEYLOGFILE environment variable. It will create the
> >>> necessary keys in the file
> >>
> >> Except for setuid programs?  There seems to be some form of explicit
> >> lockout in secure_getenv().
> >
> > Yes, that's intentional, so that a user will not overwrite root-owned files.
>
> So how can the keying be retrieved from such a program?

If you have access to the program you can make it set the environment
variable itself, otherwise, you have to run it as root.

regards,
Nikos



More information about the Gnutls-help mailing list