[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[bug#57363] [PATCH 0/1] Set #o640 permissions for log file of shepherd s

From: Maxime Devos
Subject: [bug#57363] [PATCH 0/1] Set #o640 permissions for log file of shepherd service in container.
Date: Fri, 26 Aug 2022 16:48:40 +0200
User-agent: Mozilla/5.0 (X11; Linux x86_64; rv:91.0) Gecko/20100101 Thunderbird/91.12.0

On 23-08-2022 19:31, Arun Isaac wrote:

However, when a shepherd service is run using
make-forkexec-constructor/container, the log file has #o644 permissions. This
patch corrects that.

There is a small window during which the log file has overly-wide permissions, which IIUC makes the log openable when it shouldn't, which could later be exploited (after the daemon has been running for a while) to extract anything secret written to the log by the service.

Try using (close (open log-file (logior O_CREAT O_APPEND O_CLOEXEC) #o600)) instead, that should make things atomic.

I do not know if clearing the log file is desired -- if so, remove O_APPEND, if not, keep O_APPEND.

Maybe O_RDONLY or O_WRONLY or O_RDWR needs to be added to make the call to 'open' succeed.


Attachment: OpenPGP_0x49E3EE22191725EE.asc
Description: OpenPGP public key

Attachment: OpenPGP_signature
Description: OpenPGP digital signature

reply via email to

[Prev in Thread] Current Thread [Next in Thread]