tag 654599 fixed-upstream
thanks
The suggested change has been made upstream
On 04.01.2012 16:01, Mark Wooding wrote:
Package: grub-common
Version: 1.99-12
Severity: normal
The output configuration is created with this code.
if test "x${grub_cfg}" != "x"; then
rm -f ${grub_cfg}.new
exec> ${grub_cfg}.new
# Allow this to fail, since /boot/grub/ might need to be fatfs to support
some
# firmware implementations (e.g. OFW or EFI).
chmod 400 ${grub_cfg}.new || grub_warn "Could not make ${grub_cfg}.new
readable by only root.\
This means that if the generated config contains a password it is readable by
everyone"
fi
Later, if the generated output doesn't contain a password entry, the
permissions are relaxed again.
This is not enough to protect password, however. The file is initally
created using the prevailing umask, which will likely be permissive. If
another user opens the file for reading after it is created but before
its permissions are altered, the resulting file descriptor can be used
to read the entire file once it's been written.
Two correct fixes:
* Change the exec line to something like
oldumask=$(umask); umask 077
exec> "${grub_cfg}.new"
umask $oldumask
Remove the chmod stanza.
* Instead of creating the file as $grub_cfg.new,
rm -rf "${grub_cfg}.new.d/file"
mkdir -m700 "${grub_cfg}.new.d"
exec> "${grub_cfg}.new.d/file"
chmod 400 "${grub_cfg}.new.d/file"
mv "${grub_cfg}.new.d/file" "${grub_cfg}.new
rmdir "${grub_cfg}.new.d"
I strongly prefer the former.
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (990, 'testing'), (500, 'unstable')
Architecture: i386 (i686)
Kernel: Linux 3.0.0-1-686-pae (SMP w/1 CPU core)
Locale: LANG=en_GB.utf8, LC_CTYPE=en_GB.utf8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages grub-common depends on:
ii gettext-base 0.18.1.1-5
ii libc6 2.13-21
ii libdevmapper1.02.1 2:1.02.65-1
ii libfreetype6 2.4.6-2
ii libfuse2 2.8.6-1
ii zlib1g 1:1.2.3.4.dfsg-3
Versions of packages grub-common recommends:
ii os-prober 1.49
Versions of packages grub-common suggests:
pn desktop-base<none>
pn grub-emu<none>
pn multiboot-doc<none>
pn xorriso<none>
-- no debconf information
-- debsums errors found:
dpkg-query: warning: parsing file '/var/lib/dpkg/status' near line 1581 package
'anag':
missing architecture
dpkg-query: warning: parsing file '/var/lib/dpkg/status' near line 29969
package 'priv':
missing architecture
_______________________________________________
Pkg-grub-devel mailing list
pkg-grub-de...@lists.alioth.debian.org
http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/pkg-grub-devel
--
Regards
Vladimir 'φ-coder/phcoder' Serbinenko
--
To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org
with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
