Issue #1837
closed
CVE-2016-3111: pulp.spec generates its RSA keys for message signing insecurely
Description
During installation, the RSA key pairs used to validate messages between the pulp server and pulp consumers are generated in a directory that is world-readable with a umask of 002. After it was written, the permissions are modified to protect the key. For a brief moment, the RSA keys are world-readable. An attacker who has access to the host installing Pulp could theoretically open the file after it is created, but before its permissions are set, and read the private key.
Updated by jcline@redhat.com over 8 years ago
- Subject changed from reserved to pulp.spec generates its RSA keys for message signing insecurely
- Description updated (diff)
Updated by jcline@redhat.com over 8 years ago
- Status changed from NEW to POST
- Assignee set to jcline@redhat.com
Updated by semyers over 8 years ago
- Subject changed from pulp.spec generates its RSA keys for message signing insecurely to CVE-2016-3111: pulp.spec generates its RSA keys for message signing insecurely
Added by Jeremy Cline over 8 years ago
Added by Jeremy Cline over 8 years ago
Revision 20955f6f | View on GitHub
pulp.spec now generate RSA keys with umask 077 (CVE-2016-3111)
During installation, the RSA key pairs used to validate messages between the pulp server and pulp consumers were generated in a directory that is world-readable with a umask of 002. After it was written, the permissions were modified to protect the key. For a brief moment, the RSA keys were world-readable. This commit explicitly sets the umask in the %post scriptlet to be 077 so it is only readable to the owner.
https://pulp.plan.io/issues/1837
fixes #1837
Updated by Anonymous over 8 years ago
- Status changed from POST to MODIFIED
- % Done changed from 0 to 100
Applied in changeset pulp|20955f6fa1e7a3ab3c155cb3ce00bff5b615bd3a.
Updated by mhrivnak over 8 years ago
- Priority changed from Normal to High
- Severity changed from 2. Medium to 1. Low
- Triaged changed from No to Yes
Added by rbarlow over 8 years ago
Added by rbarlow over 8 years ago
Updated by semyers over 8 years ago
- Status changed from 5 to CLOSED - CURRENTRELEASE
.
pulp.spec now generate RSA keys with umask 077 (CVE-2016-3111)
During installation, the RSA key pairs used to validate messages between the pulp server and pulp consumers were generated in a directory that is world-readable with a umask of 002. After it was written, the permissions were modified to protect the key. For a brief moment, the RSA keys were world-readable. This commit explicitly sets the umask in the %post scriptlet to be 077 so it is only readable to the owner.
https://pulp.plan.io/issues/1837
fixes #1837