
#481 user "nobody" can read sensitive files

closed-fixed
5
2006-01-12
2005-10-31
No

The backup files belong to "nobody" and contain files
like /etc/shadow and the private ssh key that are
intended to be readable only for root.

POC:

# cd /home/httpd/html/backup
# ls -l *.gz
-rw-r--r-- 1 nobody nobody 601789 2005-10-07 00:32 ipcop.tar.gz
root@ipcop:/home/httpd/html/backup # tar tvfz ipcop.tar.gz
-rw-r--r-- root/root 542 2005-10-07 00:24:39 etc/passwd
-r-------- root/root 356 2005-01-25 09:25:21 etc/shadow
...
-rw------- root/root 668 2005-01-25 09:49:36 etc/ssh/ssh_host_dsa_key

Suggested Fix: Keep only the encrypted backup and
secure access to the backup key. See also:
https://sourceforge.net/tracker/index.php?func=detail&aid=1344032&group_id=40604&atid=428516
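
Added example (not part of the original report or of IPCop's code): a Python check that flags archive members recorded as owner-only when the archive itself can be read by another account. The sample archive is constructed to mirror the listing above, and uid 99 for "nobody" is an assumption.

```python
import io
import os
import stat
import tarfile
import tempfile

OTHERS_READ = stat.S_IRGRP | stat.S_IROTH

def exposed_members(archive_path, owner_uid=None, mode=None):
    """List members recorded as owner-only that the archive's own ownership
    or mode makes readable to someone else. owner_uid/mode default to the
    archive's real values; the demo overrides them (assumption: uid 99 = nobody)."""
    st = os.stat(archive_path)
    owner_uid = st.st_uid if owner_uid is None else owner_uid
    mode = st.st_mode if mode is None else mode
    exposed = []
    with tarfile.open(archive_path, "r:*") as tar:
        for member in tar:
            private = member.isfile() and not member.mode & OTHERS_READ
            # Exposed if group/other can read the archive, or if the archive
            # belongs to a different account than the member did.
            if private and (mode & OTHERS_READ or owner_uid != member.uid):
                exposed.append(member.name)
    return exposed

def build_sample(path):
    """Constructed archive with the member modes shown in the report's listing."""
    entries = [("etc/passwd", 0o644), ("etc/shadow", 0o400),
               ("etc/ssh/ssh_host_dsa_key", 0o600)]
    with tarfile.open(path, "w:gz") as tar:
        for name, member_mode in entries:
            data = b"constructed placeholder\n"
            info = tarfile.TarInfo(name)
            info.mode, info.size, info.uid = member_mode, len(data), 0
            tar.addfile(info, io.BytesIO(data))

def demo():
    with tempfile.TemporaryDirectory() as tmp:
        path = os.path.join(tmp, "ipcop.tar.gz")
        build_sample(path)
        reported = exposed_members(path, owner_uid=99, mode=0o644)    # as reported
        chmod_only = exposed_members(path, owner_uid=99, mode=0o600)  # still nobody's
        root_only = exposed_members(path, owner_uid=0, mode=0o600)    # root, 0600
    return reported, chmod_only, root_only

if __name__ == "__main__":
    for label, result in zip(("0644 nobody", "0600 nobody", "0600 root"), demo()):
        print(label, "->", result or "nothing exposed")
```

Tightening the archive to mode 0600 while it still belongs to "nobody" leaves the same members exposed; only a root-owned, owner-only archive clears the check.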

Discussion

  • Gilles Espinasse

    • assigned_to: nobody --> gespinasse
     
  • Gilles Espinasse

    Logged In: YES
    user_id=691649

    We will attempt to remove unencrypted backup on the
    release after 1.4.10.
    This necessitates many changes
    - we need to be able to export backup.key in a secure way
    like to floppy or usb key,
    - we have to evaluate modifications to the installer to
    accommodate those changes (restore backup.key encrypted
    with password, restore backup from web backup or from usb
    key)

     
  • Franck Bourdonnec

    • status: open --> closed-fixed
     
  • Franck Bourdonnec

    Logged In: YES
    user_id=1041094

    Most of the work described by Gilles is ready.
    Nobody can't create backup,
    The key is available to root user only,
    Backup.dat (crypted) usable at install stage,
    stored on USB-storage device.

     
