[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#780828: ssl-cert: make-ssl-cert leaves window where new secret key may be world-readable

Package: ssl-cert
Version: 1.0.35
Severity: normal

make-ssl-cert appears to create the secret key material and then chmod
it to restrict permissions.  This leaves a race condition where a
non-privileged user on the system can read the file before the
permissions change takes effect, thereby stealing the credentials
created by the superuser.

make-ssl-cert should use umask instead, so that the new secret key
files are protected by default.

          --dkg

-- System Information:
Debian Release: 8.0
  APT prefers testing
  APT policy: (500, 'testing'), (200, 'unstable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)

Versions of packages ssl-cert depends on:
ii  adduser                3.113+nmu3
ii  debconf [debconf-2.0]  1.5.55
ii  openssl                1.0.1k-1

ssl-cert recommends no packages.

Versions of packages ssl-cert suggests:
pn  openssl-blacklist  <none>

-- debconf-show failed
Reply to: