diff options
author | Dave Brolley <brolley@redhat.com> | 2009-12-15 11:13:13 -0500 |
---|---|---|
committer | Dave Brolley <brolley@redhat.com> | 2009-12-15 11:13:13 -0500 |
commit | 2ab8398f875cbd8eff11cecc7a7abd65ffcb4f4c (patch) | |
tree | bc4cf413f8532769e4ba871309b1b6cf5e2adb10 /modsign.cxx | |
parent | b8f1753c091d3f75ea4a71bfb709d8e50780d3fb (diff) | |
download | systemtap-steved-2ab8398f875cbd8eff11cecc7a7abd65ffcb4f4c.tar.gz systemtap-steved-2ab8398f875cbd8eff11cecc7a7abd65ffcb4f4c.tar.xz systemtap-steved-2ab8398f875cbd8eff11cecc7a7abd65ffcb4f4c.zip |
Don't automatically authorize new root certificates as trusted signers.
Diffstat (limited to 'modsign.cxx')
-rw-r--r-- | modsign.cxx | 10 |
1 files changed, 1 insertions, 9 deletions
diff --git a/modsign.cxx b/modsign.cxx index 0965b923..326534ce 100644 --- a/modsign.cxx +++ b/modsign.cxx @@ -49,20 +49,12 @@ using namespace std; */ static int init_cert_db_path (const string &cert_db_path) { - int rc, rc1; + int rc; // Generate the certificate and database. string cmd = BINDIR "/stap-gen-cert " + cert_db_path; rc = system (cmd.c_str ()) == 0; - // If we are root, authorize the new certificate as a trusted - // signer. It is not an error if this fails. - if (geteuid () == 0) - { - cmd = BINDIR "/stap-authorize-signing-cert " + cert_db_path + "/stap.cert"; - rc1 = system (cmd.c_str ()); - } - return rc; } |