52 lines
1.6 KiB
Diff
From 8dbbed10870378f1b2c3cf3df2ea7edca7617096 Mon Sep 17 00:00:00 2001
From: Sergio Correia <scorreia@redhat.com>
Date: Wed, 14 Jun 2023 10:53:20 -0300
Subject: [PATCH] Fix race condition when creating/rotating keys (#123)

When we create/rotate keys using either the tangd-keygen and
tangd-rotate-keys helpers, there is a small window between the
keys being created and then the proper ownership permissions being
set. This also happens when there are no keys and tang creates a
pair of keys itself.

In certain situations, such as the keys directory having wide open
permissions, a user with local access could exploit this race
condition and read the keys before they are set to more restrictive
permissions.

To prevent this issue, we now set the default umask to 0337 before
creating the files, so that they are already created with restrictive
permissions; afterwards, we set the proper ownership as usual.

Issue reported by Brian McDermott of CENSUS labs.

Fixes CVE-2023-1672

Refer:
https://github.com/latchset/tang/commit/8dbbed10870378f1b2c3cf3df2ea7edca7617096
https://ubuntu.com/security/CVE-2023-1672

Reviewed-by: Sergio Arroutbi <sarroutb@redhat.com>
Signed-off-by: Sergio Correia <scorreia@redhat.com>
---
src/tangd-keygen | 3 +++
1 file changed, 3 insertions(+)

diff --git a/src/tangd-keygen b/src/tangd-keygen
index 20d498e..d894ece 100755
--- a/src/tangd-keygen
+++ b/src/tangd-keygen
@@ -27,6 +27,9 @@ fi
[ $# -eq 3 ] && sig=$2 && exc=$3
+# Set default umask for file creation.
+umask 0337
+
jwe=`jose jwk gen -i '{"alg":"ES512"}'`
[ -z "$sig" ] && sig=`echo "$jwe" | jose jwk thp -i-`
echo "$jwe" > $1/$sig.jwk
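Review bot: `umask 0337` only takes effect when the redirect actually creates the file, so `echo "$jwe" > $1/$sig.jwk` keeps the current mode of a path that already exists; enabling noclobber (`set -C`) before the write, or refusing to run when the keys directory is group- or world-writable, would make that case fail instead of silently reusing the file. The commit message also names tangd-rotate-keys and tang's own key creation as affected, but the diffstat shows only src/tangd-keygen changed, so those paths need the same umask or a note saying where they are handled. The added comment would be more useful if it said what the mask yields (new files are created 0440, read-only for owner and group) and that it closes the window before ownership is set.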
--
2.33.0