Directory /etc/quagga has mode 755 and is owned by root:root. This directory can contain clear text password, and must be writable by the user quagga (to enable write from vtysh lines). Reproducible: Always Steps to Reproduce: Actual Results: Some functionnality of quagga are missing, and this coud lead to potential security breach Expected Results: /etc/quagga should have permissions like 700 (?) and be owned by quagga:quagga
True. The permissions are set so especially to hinder saves from the (insecure) VTY by default.
The ebuild quagga-0.98.2 fixes this problem.