Summary: ASTERISK-11788: astgenkey creates world-readable private keys
Reporter: Lionel Elie Mamane (lmamane)
Labels:
Date Opened: 2008-04-06 07:25:17
Date Closed: 2008-04-08 11:51:48
Priority: Minor
Regression?: No
Status: Closed/Complete
Components: Utilities/General
Versions:
Frequency of Occurrence:
Related Issues:
Environment:
Attachments:
( 0) 20080406__bug12373.diff.txt
( 1) astgenkey_man_mode.diff
( 2) astgenkey-security

Description: The shipped astgenkey creates the private key world-readable, even in "-n" (unencrypted private key) mode. Here's the patch to generate it 0600 that I added to Debian.

Comments:

By: Tilghman Lesher (tilghman) 2008-04-06 10:01:56

Actually, it's following the Asterisk standard, which is to let the system administrator decide what permissions should be set via the umask.  All files in Asterisk follow the umask.  A system administrator may decide to make voicemail files, for example, world-accessible, and that's fine; it is properly the individual system administrator's decision.

By: Tilghman Lesher (tilghman) 2008-04-06 10:03:31

Marking as minor, following policy.

By: Michiel van Baak (mvanbaak) 2008-04-06 10:09:24

You are chowning the file to 'asterisk:asterisk' when the script is run by root.
I don't think this should be the default. It's fine for the Debian package because that will run asterisk as user asterisk, but it's not the default for the asterisk source package.

By: Tzafrir Cohen (tzafrir) 2008-04-06 10:09:36

Generating a private key that is world-writable is, well, surprising. Compare that to e.g. ssh-keygen.

The public key should indeed be generated with the current umask:

saved_umask=`umask`
umask 0700
...
umask $saved_umask

By: Tzafrir Cohen (tzafrir) 2008-04-06 10:14:15

USER=asterisk
GROUP=

chown $USER:$GROUP

Any smarter way to get the username Asterisk is running as?
(if GROUP is left empty, chown sets the group to the default group of $USER).

By: Michiel van Baak (mvanbaak) 2008-04-06 10:17:34

runuser and rungroup in /etc/asterisk/asterisk.conf ?

By: Michiel van Baak (mvanbaak) 2008-04-06 10:32:05

It's following asterisk policy, and that's how it is.

By: Tzafrir Cohen (tzafrir) 2008-04-06 11:06:35

Opening issue to document it.

By: Tilghman Lesher (tilghman) 2008-04-06 11:29:59

But that's incorrect.  The file is created with whatever umask the user using the script is using.  If the user ALREADY has a umask of 066 or 006, then the file will not be created world-readable at all.

By: Tzafrir Cohen (tzafrir) 2008-04-06 11:38:16

bah, wrong umask, fixing....
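
The umask save/restore pattern discussed above, as an added example that is not code from this issue or from Asterisk: a POSIX sh sketch that creates the private key under umask 077 (so it lands 0600 whatever the caller's umask is) and the public key under the caller's restored umask, next to the 0700 variant Tzafrir later flagged as wrong. openssl is not called; the key material is a constructed placeholder, and only the resulting file modes are checked.

```shell
#!/bin/sh
# Added example, not the astgenkey script itself. Key material is a constructed
# placeholder; the point demonstrated is the permission handling only.

# perm_string FILE: the ten-character mode column from ls -l, e.g. -rw-------
perm_string() {
    ls -ld "$1" | cut -c1-10
}

# world_readable FILE: succeeds (exit 0) if the "other" read bit is set
world_readable() {
    [ "$(perm_string "$1" | cut -c8)" = "r" ]
}

# gen_keypair NAME: writes NAME.key (private, always 0600) and NAME.pub
# (public, follows the caller's umask, as the thread argues it should)
gen_keypair() {
    name=$1
    saved_umask=$(umask)
    # umask 077 clears the group and other bits: a file created 0666 ends up 0600.
    umask 077
    printf 'CONSTRUCTED PRIVATE KEY, NOT REAL\n' > "$name.key" || return 1
    # Restore the caller's umask before the public key, so admin policy applies.
    umask "$saved_umask"
    printf 'CONSTRUCTED PUBLIC KEY, NOT REAL\n' > "$name.pub" || return 1
}

# gen_keypair_wrong_umask NAME: the same flow with the "umask 0700" from the
# thread. A umask masks bits OUT, so 0700 strips the owner's own access and
# leaves group/other read-write: the key comes out 0066, still world-readable.
gen_keypair_wrong_umask() {
    name=$1
    saved_umask=$(umask)
    umask 0700
    printf 'CONSTRUCTED PRIVATE KEY, NOT REAL\n' > "$name.key" || return 1
    umask "$saved_umask"
    printf 'CONSTRUCTED PUBLIC KEY, NOT REAL\n' > "$name.pub" || return 1
}
```

Run `gen_keypair somename` in a scratch directory and compare `perm_string somename.key` with the output of the wrong variant to see the difference.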

By: Digium Subversion (svnbot) 2008-04-08 11:46:37

Repository: asterisk
Revision: 113399

U   branches/1.4/contrib/scripts/astgenkey.8

------------------------------------------------------------------------
r113399 | tilghman | 2008-04-08 11:46:36 -0500 (Tue, 08 Apr 2008) | 6 lines

Add security note on astgenkey's manpage.
(closes issue ASTERISK-11788)
Reported by: lmamane
Patches:
      20080406__bug12373.diff.txt uploaded by Corydon76 (license 14)

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=113399

By: Digium Subversion (svnbot) 2008-04-08 11:49:28

Repository: asterisk
Revision: 113400

_U  trunk/
U   trunk/contrib/scripts/astgenkey.8

------------------------------------------------------------------------
r113400 | tilghman | 2008-04-08 11:49:28 -0500 (Tue, 08 Apr 2008) | 14 lines

Merged revisions 113399 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r113399 | tilghman | 2008-04-08 11:51:28 -0500 (Tue, 08 Apr 2008) | 6 lines

Add security note on astgenkey's manpage.
(closes issue ASTERISK-11788)
Reported by: lmamane
Patches:
      20080406__bug12373.diff.txt uploaded by Corydon76 (license 14)

........

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=113400

By: Digium Subversion (svnbot) 2008-04-08 11:51:48

Repository: asterisk
Revision: 113401

_U  branches/1.6.0/
U   branches/1.6.0/contrib/scripts/astgenkey.8

------------------------------------------------------------------------
r113401 | tilghman | 2008-04-08 11:51:47 -0500 (Tue, 08 Apr 2008) | 22 lines

Merged revisions 113400 via svnmerge from
https://origsvn.digium.com/svn/asterisk/trunk

................
r113400 | tilghman | 2008-04-08 11:54:21 -0500 (Tue, 08 Apr 2008) | 14 lines

Merged revisions 113399 via svnmerge from
https://origsvn.digium.com/svn/asterisk/branches/1.4

........
r113399 | tilghman | 2008-04-08 11:51:28 -0500 (Tue, 08 Apr 2008) | 6 lines

Add security note on astgenkey's manpage.
(closes issue ASTERISK-11788)
Reported by: lmamane
Patches:
      20080406__bug12373.diff.txt uploaded by Corydon76 (license 14)

........

................

------------------------------------------------------------------------

http://svn.digium.com/view/asterisk?view=rev&revision=113401