Bug#632598: grub-mkconfig: should set safer permissions even when hashed passwords are found
Francesco Poli (wintermute)
invernomuto at paranoici.org
Sun Jul 3 21:33:21 UTC 2011
Package: grub-common
Version: 1.99-6
Severity: normal
Tags: patch, security
Hi!
The following code in grub-mkconfig makes sure that the grub.cfg
configuration file is given read-permissions for non-root users, only
when it does *not* include clear-text passwords:
    if [ "x${grub_cfg}" != "x" ] && ! grep -q "^password " ${grub_cfg}.new ; then
        chmod 444 ${grub_cfg}.new || true
    fi
This is good, since having clear-text passwords in a world-readable
file is not safe.
However, when the configuration file includes hashed passwords (as
in the password_pbkdf2 directive), but no clear-text passwords, it
will end up being world-readable.
I would feel safer if grub.cfg were left with its stricter permissions
(only readable by root), whenever it includes passwords of any type
(clear-text or hashed).
The attached patch (which is too trivial to be covered by copyright)
should achieve this result.
Please apply and/or forward to upstream, as appropriate.
Thanks for your attention!
-- System Information:
Debian Release: wheezy/sid
APT prefers testing
APT policy: (800, 'testing'), (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.39-2-amd64 (SMP w/2 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages grub-common depends on:
ii gettext-base 0.18.1.1-3 GNU Internationalization utilities
ii libc6 2.13-7 Embedded GNU C Library: Shared lib
ii libdevmapper1.02.1 2:1.02.63-3 The Linux Kernel Device Mapper use
ii libfreetype6 2.4.4-2 FreeType 2 font engine, shared lib
ii libfuse2 2.8.5-3 Filesystem in Userspace (library)
ii zlib1g 1:1.2.3.4.dfsg-3 compression library - runtime
Versions of packages grub-common recommends:
pn os-prober <none> (no description available)
Versions of packages grub-common suggests:
ii desktop-base 6.0.6 common files for the Debian Deskto
pn grub-emu <none> (no description available)
pn multiboot-doc <none> (no description available)
pn xorriso <none> (no description available)
-- Configuration Files:
/etc/grub.d/40_custom [Errno 13] Permission denied: u'/etc/grub.d/40_custom'
-- no debconf information
-------------- next part --------------
A non-text attachment was scrubbed...
Name: safer_grub_cfg_perms.diff.gz
Type: application/x-gzip
Size: 249 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-grub-devel/attachments/20110703/f72797cd/attachment.bin>
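The following is an added example, not the reporter's attached patch (which is not reproduced here) and not grub's own code: a POSIX shell comparison of the original grep test with a variant that also treats password_pbkdf2 lines as secret. The sample grub.cfg contents are constructed, and representing the "stricter" root-only mode as 600 is an assumption.

```shell
#!/bin/sh
# Added example: model the permission decision grub-mkconfig makes for
# grub.cfg.new, before and after widening the password check.
# "444" = world-readable; "600" = left root-only (assumed stricter mode).

# Original test: only a clear-text "password " directive keeps the file private.
orig_mode() {
    if grep -q "^password " "$1"; then echo 600; else echo 444; fi
}

# Safer variant: a "password " OR "password_pbkdf2 " directive keeps it private.
# grep -E is POSIX, so the optional group needs no GNU extensions.
safer_mode() {
    if grep -Eq "^password(_pbkdf2)? " "$1"; then echo 600; else echo 444; fi
}

# Constructed sample configurations (the hash is a placeholder, not a real one).
write_samples() {
    dir="$1"
    printf 'set superusers="root"\npassword root s3cret\n' > "$dir/clear.cfg"
    printf 'set superusers="root"\npassword_pbkdf2 root grub.pbkdf2.sha512.10000.CONSTRUCTED.HASH\n' \
        > "$dir/hashed.cfg"
    printf 'set timeout=5\n' > "$dir/plain.cfg"
}

demo() {
    tmp=$(mktemp -d)
    write_samples "$tmp"
    for name in clear hashed plain; do
        # hashed.cfg is the case the bug report is about: 444 vs 600
        printf '%-6s original=%s safer=%s\n' "$name" \
            "$(orig_mode "$tmp/$name.cfg")" "$(safer_mode "$tmp/$name.cfg")"
    done
    rm -rf "$tmp"
}

demo
```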