[prev in list] [next in list] [prev in thread] [next in thread] 

List:       oss-security
Subject:    Re: [oss-security] Question about world readable config files and commented warnings
From:       Seth Arnold <seth.arnold () canonical ! com>
Date:       2015-06-30 21:59:17
Message-ID: 20150630215917.GC13944 () hunt
[Download RAW message or body]


On Tue, Jun 30, 2015 at 11:30:06PM +0200, vladz wrote:
> We all know that a better way to create the file would be to set the
> adequate umask first.  But the above steps can be found in initialization
> and installation scripts (I can share a non-exhaustive list if wished).  I

Probably we should get CVEs assigned for these, that's the best way to
make sure they're not overlooked.

> also wouldn't recommend the use of "-m 600" in the "install" command as it
> has the same problem:
> 
> # touch f1
> # strace install -m 600 f1 f2
> [...]
> open("f2", O_WRONLY|O_CREAT|O_EXCL, 0644) = 4 // here f2 is readable
> chmod("f2", 0600)                         = 0

The three-argument open() has been available for absolute ages:

https://www.freebsd.org/cgi/man.cgi?query=open&apropos=0&sektion=2&manpath=FreeBSD+1.0-RELEASE&arch=default&format=html


I'm surprised install hasn't been updated at some point in the last twenty
years to use the mode correctly. It's probably also CVE-worthy.

Thanks


["signature.asc" (application/pgp-signature)]

[prev in list] [next in list] [prev in thread] [next in thread]