oss-sec mailing list archives
Re: Question about world readable config files and commented warnings
From: vladz <vladz () devzero fr>
Date: Tue, 30 Jun 2015 23:30:06 +0200
On Tue, Jun 30, 2015 at 08:31:08AM -0600, Kurt Seifried wrote:
From a developer perspective I somewhat agree, however I'm looking at this from a vendor perspective where we do control the chmod, easily (RPM spec file).
I don't know if this is relevant, but I also regularly find applications that, during their installation phases, set the correct permissions to sensitive files (600 for instance) but in a insecure manner, i.e. they: 1) create the file (perms will depend on root umask, usually 022) 2) restrict its permissions (chmod 600) 3) open the file and write sensitive content in it I won't paraphrase this post [1], but chmod 600 on a file isn't sufficient to preserve a file content on a multiuser system: a local user can open the file in read-only right after 1) to obtain a file descriptor, and use it for later content disclosure after 3). We all know that a better way to create the file would be to set the adequate umask first. But the above steps can be found in initialization and installation scripts (I can share a non-exhaustive list if wished). I also wouldn't recommend the use of "-m 600" in the "install" command as it has the same problem: # touch f1 # strace install -m 600 f1 f2 [...] open("f2", O_WRONLY|O_CREAT|O_EXCL, 0644) = 4 // here f2 is readable chmod("f2", 0600) = 0 Regards, vladz. [1] http://www.openwall.com/lists/oss-security/2013/08/20/13
Current thread:
- Question about world readable config files and commented warnings Kurt Seifried (Jun 29)
- Re: Question about world readable config files and commented warnings gremlin (Jun 29)
- Re: Question about world readable config files and commented warnings Kurt Seifried (Jun 30)
- Re: Question about world readable config files and commented warnings vladz (Jun 30)
- Re: Question about world readable config files and commented warnings Seth Arnold (Jun 30)
- Re: Question about world readable config files and commented warnings Kurt Seifried (Jun 30)
- Re: Question about world readable config files and commented warnings gremlin (Jun 29)
- Re: Question about world readable config files and commented warnings cve-assign (Jun 30)
- Re: Question about world readable config files and commented warnings Kurt Seifried (Jun 30)
- Re: Re: Question about world readable config files and commented warnings Seth Arnold (Jun 30)
- Re: Question about world readable config files and commented warnings cve-assign (Jun 30)
- Re: Question about world readable config files and commented warnings Kurt Seifried (Jun 30)
- Re: Question about world readable config files and commented warnings cve-assign (Jun 30)
- Re: Question about world readable config files and commented warnings Kurt Seifried (Jun 30)