bug-guix

bug#48872: Guix services: ‘chmod’ leaves opportunity to leak secrets


From: Xinglu Chen
Subject: bug#48872: Guix services: ‘chmod’ leaves opportunity to leak secrets
Date: Sun, 06 Jun 2021 14:51:36 +0200

[  This was reported on the Nixpkgs bug tracker a few weeks ago
   <https://github.com/NixOS/nixpkgs/issues/121293>  ]

When doing something like

  (call-with-output-file FILE
    (lambda (port)
      (display SECRET port)))
  (chmod FILE #o400)

an unprivileged user could open FILE before FILE had been chmod’ed, and
then read the contents of FILE.

One solution to this problem would be to use

  (mkdir (dirname FILE) #o400)

before writing SECRET to FILE.

I have identified at least two services which are vulnerable to this:

* ‘wireguard-service-type’ in (gnu services vpn)
* ‘patchwork-service-type’ in (gnu services web)

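The race described in the report exists because the file is readable between its creation and the later chmod. One way to close that window is to create the file with restrictive permissions from the start and only then give it its final name. The following Guile procedure is an added example for this thread, not code from the bug report or from Guix itself; it assumes Guile's mkstemp! (which creates the temporary file with mode #o600), chmod on an open port (fchmod), and rename-file, and it assumes the target directory is not writable by untrusted users.

```scheme
;; Added example, not code from the bug report or from Guix.  Assumes Guile's
;; mkstemp!, chmod on a port, rename-file and stat:perms.
(define (write-secret-file file secret)
  "Write SECRET to FILE without ever exposing it to other users.
The content goes to a temporary file in the same directory, which mkstemp!
creates with mode #o600 (no group/other access).  The mode is then tightened
to #o400 on the open descriptor and the temporary file is atomically renamed
over FILE.  There is no point at which another user can open the secret,
even if FILE already existed with lax permissions."
  (let* ((template (string-copy
                    (string-append (dirname file) "/.secret-XXXXXX")))
         ;; mkstemp! replaces the XXXXXX in TEMPLATE in place and returns a
         ;; read/write port on the newly created 0600 file.
         (port (mkstemp! template))
         (temp template))
    (dynamic-wind
      (const #t)
      (lambda ()
        (display secret port)
        (force-output port)
        ;; fchmod on the descriptor we already hold: no path-based race.
        (chmod port #o400)
        (close-port port)
        ;; rename(2) is atomic: readers see either the old FILE or the
        ;; finished 0400 file, never a half-written or readable one.
        (rename-file temp file))
      (lambda ()
        ;; On any error, do not leave a stray copy of the secret behind.
        (when (file-exists? temp)
          (false-if-exception (delete-file temp)))))))

;; Check that a deployed secret file ended up with the intended mode, so a
;; service test or activation script can fail loudly instead of leaking.
(define (secret-file-ok? file)
  (= (stat:perms (stat file)) #o400))

;; Usage (constructed example path):
;; (write-secret-file "/var/lib/example/private.key" "constructed-secret")
;; (secret-file-ok? "/var/lib/example/private.key")  ; expected #t
```

If the secret must be owned by the service's own user rather than root, call chown on the open port (Guile's chown also accepts a port) before close-port and rename-file, so ownership is also settled before the file becomes visible under its final name. The mkstemp!/rename pattern is preferred over open with O_CREAT|O_EXCL and mode #o400 because it also handles the case where FILE already exists from an earlier, permissive deployment.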
