LISTSERV 16.5 - XROOTD-DEV Archives

However, we should also make sure that malicious injection of an empty/invalid CRL file does not completely eliminate CRL checking for all time

This is a file periodically generated by XRootD in the admin directory. I figure if the attacker owns the admin directory, then it's already game over.

It's also an aggregate of all CRLs available - if the attacker controls all your CRLs, then it's probably also game over.

—
You are receiving this because you are subscribed to this thread.
Reply to this email directly, view it on GitHub, or unsubscribe.
Triage notifications on the go with GitHub Mobile for iOS or Android.

[ { "@context": "http://schema.org", "@type": "EmailMessage", "potentialAction": { "@type": "ViewAction", "target": "https://github.com/xrootd/xrootd/pull/1547#issuecomment-957963525", "url": "https://github.com/xrootd/xrootd/pull/1547#issuecomment-957963525", "name": "View Pull Request" }, "description": "View this Pull Request on GitHub", "publisher": { "@type": "Organization", "name": "GitHub", "url": "https://github.com" } } ]

Use REPLY-ALL to reply to list

To unsubscribe from the XROOTD-DEV list, click the following link:
https://listserv.slac.stanford.edu/cgi-bin/wa?SUBED1=XROOTD-DEV&A=1