[Secure-testing-team] Bug#361913: linphone: patch for "passwords stored world-readable"

Alec Berryman alec at thened.net
Sun May 14 22:41:36 UTC 2006


Package: linphone
Version: 1.3.3-1
Followup-For: Bug #361913

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Linphone also stores passwords in ~/.linphonerc.  That file may have
been created group- or world-accessible because it was created with
fopen(), which uses the user's umask.  See coreapi/lpconfig.c:211.  Both
frontends use functions in coreapi/lpconfig.c to store configuration
information, and do not implement separate read/parse/write functions.

Per console/linphonec.c:739, linphone appears to be migrating to use
~/.linphonerc for both the console and GNOME client, so any discussion
of ~/.gnome2_private vs gconf is probably moot.  Encrypting saved
passwords is also not a good option; see
http://gaim.sourceforge.net/plaintextpasswords.php for more
information.

The GNOME client does not appear to be using ~/.linphonerc as of
1.3.3-1; in gnome/linphone.c:344, the configuration file name is still
~/.gnome2/linphone.

I believe that the attached dpatch corrects the issue of world-readable
passwords.  When the configuration file is to be written, the user's
umask is overridden so that the file will not be created group- or
world-accessible.  Additionally, when parsing the configuration file on
startup, it will forcibly set permissions to 600.  This may be too
heavy-handed and it might be more appropriate to stat() and possibly
emit a g_warning() to the user, but I thought it was better to require
no user intervention.

The patch applies and compiles correctly (when docs are removed from the
build; see #365523).  I have tested the GNOME frontend, and
~/.gnome2/linphone is created correctly and is properly updated when it
already exists.


- -- System Information:
Debian Release: testing/unstable
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/dash
Kernel: Linux 2.6.16-alec-laptop
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages linphone depends on:
ii  libart-2.0-2               2.3.17-1      Library of functions for 2D graphi
ii  libatk1.0-0                1.11.4-2      The ATK accessibility toolkit
ii  libbonobo2-0               2.14.0-1      Bonobo CORBA interfaces library
ii  libbonoboui2-0             2.14.0-2      The Bonobo UI library
ii  libc6                      2.3.6-7       GNU C Library: Shared libraries
ii  libcairo2                  1.0.4-2       The Cairo 2D vector graphics libra
ii  libfontconfig1             2.3.2-5.1     generic font configuration library
ii  libgconf2-4                2.14.0-1      GNOME configuration database syste
ii  libglib2.0-0               2.10.2-2      The GLib library of C routines
ii  libgnome-keyring0          0.4.9-1       GNOME keyring services library
ii  libgnome2-0                2.14.1-2      The GNOME 2 library - runtime file
ii  libgnomecanvas2-0          2.14.0-2      A powerful object-oriented display
ii  libgnomeui-0               2.14.1-1      The GNOME 2 libraries (User Interf
ii  libgnomevfs2-0             2.14.1-2      GNOME virtual file-system (runtime
ii  libgtk2.0-0                2.8.17-2      The GTK+ graphical user interface 
ii  libice6                    1:1.0.0-3     X11 Inter-Client Exchange library
ii  liblinphone1               1.3.3-1       linphone web phone's library (supp
ii  liborbit2                  1:2.14.0-1    libraries for ORBit2 - a CORBA ORB
ii  libosip2-3                 2.2.2-3       Session Initiation Protocol (SIP) 
ii  libpanel-applet2-0         2.14.1-1      library for GNOME 2 panel applets
ii  libpango1.0-0              1.12.1-3      Layout and rendering of internatio
ii  libpopt0                   1.7-5         lib for parsing cmdline parameters
ii  libsm6                     1:1.0.0-4     X11 Session Management library
ii  libx11-6                   2:1.0.0-6     X11 client-side library
ii  libxcursor1                1.1.5.2-5     X cursor management library
ii  libxext6                   1:1.0.0-4     X11 miscellaneous extension librar
ii  libxi6                     1:1.0.0-5     X11 Input extension library
ii  libxinerama1               1:1.0.1-4     X11 Xinerama extension library
ii  libxml2                    2.6.24.dfsg-1 GNOME XML library
ii  libxrandr2                 2:1.1.0.2-4   X11 RandR extension library
ii  libxrender1                1:0.9.0.2-4   X Rendering Extension client libra
ii  linphone-nox               1.3.3-1       web phone
ii  zlib1g                     1:1.2.3-11    compression library - runtime

linphone recommends no packages.

- -- no debconf information

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (GNU/Linux)

iD8DBQFEZ7IgAud/2YgchcQRAmAVAJ4xNuE1gHYCpyfTVkNnAivhD+3OKQCg6Z4K
lFd/uzLidkRUDOf5WlD+ML8=
=1is/
-----END PGP SIGNATURE-----
-------------- next part --------------
A non-text attachment was scrubbed...
Name: 361913_world_readable_passwords.dpatch
Type: application/x-shellscript
Size: 1471 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-voip-maintainers/attachments/20060514/d582e775/361913_world_readable_passwords-0002.bin
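The dpatch itself is not reproduced in the archive, so the following is an added example, written here and not taken from the attachment or from linphone's coreapi/lpconfig.c, showing the two measures the report describes: creating the configuration file so that it is never group- or world-readable whatever the user's umask is, and forcing an existing file to mode 600 before parsing it. The function names (`write_config_private`, `enforce_private_mode`, `config_mode_bits`) and the `/tmp/linphonerc-example` path are assumptions for the example only. The mode repair works on an open descriptor with `fstat()`/`fchmod()` rather than `stat()`/`chmod()` on the path, so the check and the fix apply to the same inode.

```c
/* Added example (not linphone's code, not the dpatch from the report):
 * write a config file that is never group- or world-accessible, and
 * repair the mode of an existing one before it is parsed. */
#ifndef _GNU_SOURCE
#define _GNU_SOURCE
#endif
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <fcntl.h>
#include <unistd.h>
#include <sys/stat.h>

#ifndef O_NOFOLLOW
#define O_NOFOLLOW 0   /* platform without O_NOFOLLOW: no symlink refusal */
#endif

/* Write `data` to `path`, creating the file with mode 0600 regardless of
 * the caller's umask (the open() mode argument is still masked, hence the
 * temporary umask(077)). A pre-existing file keeps its old mode on open(),
 * so fchmod() on the descriptor covers that case as well.
 * Returns 0 on success, -1 on error. */
int write_config_private(const char *path, const char *data)
{
    mode_t old = umask(077);
    int fd = open(path, O_WRONLY | O_CREAT | O_TRUNC | O_NOFOLLOW, 0600);
    umask(old);                       /* restore the user's umask at once */
    if (fd < 0)
        return -1;
    if (fchmod(fd, 0600) < 0) { close(fd); return -1; }

    size_t len = strlen(data), done = 0;
    while (done < len) {
        ssize_t n = write(fd, data + done, len - done);
        if (n < 0) {
            if (errno == EINTR) continue;
            close(fd);
            return -1;
        }
        done += (size_t)n;
    }
    return close(fd);
}

/* Permission bits of `path` (st_mode & 0777), or -1 if it cannot be stat'ed. */
int config_mode_bits(const char *path)
{
    struct stat st;
    if (stat(path, &st) < 0)
        return -1;
    return (int)(st.st_mode & 0777);
}

/* Called before parsing: if any group/other bit is set, force mode 0600.
 * Returns 1 if the mode was changed, 0 if it was already private,
 * -1 on error (file missing, a symlink, or fchmod() refused). */
int enforce_private_mode(const char *path)
{
    int fd = open(path, O_RDONLY | O_NOFOLLOW);
    if (fd < 0)
        return -1;
    struct stat st;
    if (fstat(fd, &st) < 0) { close(fd); return -1; }
    if ((st.st_mode & 077) == 0) { close(fd); return 0; }   /* already 0600-ish */
    int rc = fchmod(fd, 0600) < 0 ? -1 : 1;
    close(fd);
    return rc;
}

int main(void)
{
    const char *rc = "/tmp/linphonerc-example";   /* constructed path */
    if (write_config_private(rc, "[sip]\npasswd=example-secret\n") < 0) {
        perror("write_config_private");
        return 1;
    }
    printf("mode after write: %04o\n", config_mode_bits(rc));
    chmod(rc, 0644);                  /* simulate a file left world-readable */
    int changed = enforce_private_mode(rc);
    printf("repaired: %d, mode now: %04o\n", changed, config_mode_bits(rc));
    unlink(rc);
    return 0;
}
```

Overriding the umask at creation time only helps for files that do not exist yet; a ~/.linphonerc that was already created world-readable by an older version keeps its mode until something changes it, which is why the read-side step in the report matters. The `stat()`-and-`g_warning()` alternative the report mentions can be built from the same `fstat()` result by returning a warning instead of calling `fchmod()`.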