2017-07-17 15:18:06 2017-08-09 17:10:26

authd sets weak permissions for /etc/ident.key, which allows local users to obtain the key by leveraging a race condition between the creation of the key, and the chmod to protect it.