Bug#780828: ssl-cert: make-ssl-cert leaves window where new secret key may be world-readable
Package: ssl-cert
Version: 1.0.35
Severity: normal
make-ssl-cert appears to create the secret key material and then chmod
it to restrict permissions. This leaves a race condition where a
non-privileged user on the system can read the file before the
permissions change takes effect, thereby stealing the credentials
created by the superuser.
make-ssl-cert should use umask instead, so that the new secret key
files are protected by default.
--dkg
-- System Information:
Debian Release: 8.0
APT prefers testing
APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages ssl-cert depends on:
ii adduser 3.113+nmu3
ii debconf [debconf-2.0] 1.5.55
ii openssl 1.0.1k-1
ssl-cert recommends no packages.
Versions of packages ssl-cert suggests:
pn openssl-blacklist <none>
-- debconf-show failed
Reply to: