[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
bug#40405: System log files are world readable
From: |
Ludovic Courtès |
Subject: |
bug#40405: System log files are world readable |
Date: |
Mon, 06 Apr 2020 00:12:39 +0200 |
User-agent: |
Gnus/5.13 (Gnus v5.13) Emacs/26.3 (gnu/linux) |
Hi,
Diego Nicola Barbato <address@hidden> skribis:
> On Guix System the log files (in /var/log) generated by syslogd are
> currently (commit 151f3d4) world readable. They should probably only be
> readable by root (for the same reason that dmesg can only be run by
> root).
>
> It isn't possible to set the umask with fork-exec-constructor, is it?
> Otherwise that might have been a simple solution.
That would be a nice solution to implement in the Shepherd. If you feel
like giving it a try, that would be great!
In the meantime, the patch below fixes the syslogd problem. Also
attached is a patch for the accounting database, though that one is
questionable.
Thoughts?
Thanks,
Ludo’.
diff --git a/gnu/services.scm b/gnu/services.scm
index 7941cd3af0..d631e8dd32 100644
--- a/gnu/services.scm
+++ b/gnu/services.scm
@@ -528,15 +528,20 @@ ACTIVATION-SCRIPT-TYPE."
(use-modules (gnu build activation)
(guix build utils))
+ (define (ensure-file-exists file)
+ (let ((port (open-file file "a0")))
+ (chmod port #o640)
+ (close-port port)))
+
;; Make sure the user accounting database exists. If it
;; does not exist, 'setutxent' does not create it and
;; thus there is no accounting at all.
- (close-port (open-file "/var/run/utmpx" "a0"))
+ (ensure-file-exists "/var/run/utmpx")
;; Same for 'wtmp', which is populated by mingetty et
;; al.
(mkdir-p "/var/log")
- (close-port (open-file "/var/log/wtmp" "a0"))
+ (ensure-file-exists "/var/log/wtmp")
;; Set up /run/current-system. Among other things this
;; sets up locales, which the activation snippets
diff --git a/gnu/services/base.scm b/gnu/services/base.scm
index 8d9a563e2b..e59b6fea80 100644
--- a/gnu/services/base.scm
+++ b/gnu/services/base.scm
@@ -1436,10 +1436,17 @@ Service Switch}, for an example."
(documentation "Run the syslog daemon (syslogd).")
(provision '(syslogd))
(requirement '(user-processes))
- (start #~(make-forkexec-constructor
- (list #$(syslog-configuration-syslogd config)
- "--rcfile" #$(syslog-configuration-config-file config))
- #:pid-file "/var/run/syslog.pid"))
+ (start #~(let ((fork (make-forkexec-constructor
+ (list #$(syslog-configuration-syslogd config)
+ "--rcfile"
+ #$(syslog-configuration-config-file config))
+ #:pid-file "/var/run/syslog.pid")))
+ (lambda ()
+ ;; Set the umask such that file permissions are #o640.
+ (let ((mask (umask #o137))
+ (pid (fork)))
+ (umask mask)
+ pid))))
(stop #~(make-kill-destructor))))))
;; Snippet adapted from the GNU inetutils manual.
- bug#40405: System log files are world readable, Diego Nicola Barbato, 2020/04/03
- bug#40405: System log files are world readable, Diego Nicola Barbato, 2020/04/03
- bug#40405: System log files are world readable,
Ludovic Courtès <=
- bug#40405: System log files are world readable, Diego Nicola Barbato, 2020/04/08
- bug#40405: System log files are world readable, Ludovic Courtès, 2020/04/08
- bug#40405: System log files are world readable, Ludovic Courtès, 2020/04/19
- bug#40405: System log files are world readable, Ludovic Courtès, 2020/04/22
- bug#40405: System log files are world readable, Diego Nicola Barbato, 2020/04/28
- bug#40405: System log files are world readable, Ludovic Courtès, 2020/04/28
- bug#40405: System log files are world readable, Diego Nicola Barbato, 2020/04/29