diff -Nur -x '*.orig' -x '*.rej' smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm --- smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:56:58.000000000 +0100 +++ mezzanine_patched_smeserver-openvpn-bridge-2.0/root/usr/lib/perl5/site_perl/esmith/FormMagick/Panel/openvpnbridge.pm 2009-01-16 15:56:54.000000000 +0100 @@ -491,7 +491,7 @@ if ( (( -z "$pubdir/cacert.pem" ) || ( ! -e "$pubdir/cacert.pem" )) || (( -z "$pubdir/cert.pem") || ( ! -e "$pubdir/cert.pem" )) || - (( -z "$privdir/key.pem") || ( ! -e "$pubdir/key.pem" )) || + (( -z "$privdir/key.pem") || ( ! -e "$privdir/key.pem" )) || (( -z "$pubdir/cacrl.pem") || ( ! -e "$pubdir/cacrl.pem" )) || (( -z "$pubdir/dh.pem") || ( ! -e "$pubdir/dh.pem" )) ){ @@ -640,7 +640,7 @@ $fm->error('ERROR_OPEN_CA','FIRST'); # Tell the user something bad has happened return; - } + } print CA $ca; close CA; @@ -648,7 +648,7 @@ $fm->error('ERROR_OPEN_CRT','FIRST'); # Tell the user something bad has happened return; - } + } print CRT $crt; close CRT; @@ -656,7 +656,7 @@ $fm->error('ERROR_OPEN_KEY','FIRST'); # Tell the user something bad has happened return; - } + } print KEY $key; close KEY; @@ -664,7 +664,7 @@ $fm->error('ERROR_OPEN_DH','FIRST'); # Tell the user something bad has happened return; - } + } print DH $dh; close DH; 
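Review bot: The five hand-written `-z … || ! -e …` pairs in this condition repeat every path twice, which is how `$pubdir/key.pem` ended up paired with `$privdir/key.pem`, and the corrected line keeps that shape. Because `-s` is false both for a missing file and for an empty one, each pair can collapse to a single test such as `! -s "$privdir/key.pem"`. Going one step further, a `grep { ! -s $_ }` over one list of the five paths would have each path written exactly once, so a mismatch between the two halves cannot recur. The body of the `if` is outside the hunk, so what happens when the check fires cannot be judged from here.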
@@ -672,15 +672,14 @@ $fm->error('ERROR_OPEN_TA','FIRST'); # Tell the user something bad has happened return; - } + } print TA $ta; close TA; - esmith::util::chownFile("root", "root", - "$privdir"); - esmith::util::chownFile("root", "root", - "$pubdir"); - chmod 0640, "$privdir"; + # Restrict permissions on sensitive data + esmith::util::chownFile("root", "root","$privdir"); + esmith::util::chownFile("root", "root","$pubdir"); + chmod 0700, "$privdir"; unless(system("/sbin/e-smith/signal-event openvpn-bridge-update") == 0){ $fm->error('ERROR_OCCURED','RULES_PAGE');
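Review bot: The new `chmod 0700, "$privdir";` runs only after the key material has been written through the `KEY` handle, and its return value is ignored, as are those of the two `chownFile` calls. The private key can therefore sit under the directory's earlier mode for the whole write sequence, and stay that way silently if the call fails. Tightening the directory before the `open` calls (which lie outside this hunk) and testing the result, reporting failure through `$fm->error(...)` followed by `return` as the open failures do, would close both gaps. The hunk also sets no mode on the key file itself, so it presumably inherits whatever the process umask gives it; an explicit `chmod 0600, "$privdir/key.pem";` after the write would make the file's protection independent of the directory mode, assuming `KEY` is opened on that path. Where the `TA` handle writes is not visible here; if that file holds a shared secret and lives under `$pubdir`, it needs the same treatment.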