possible security issue
Michael Hrivnak
mhrivnak at redhat.com
Tue Jul 15 14:36:33 UTC 2014
There is a serious security issue that I reported to celery recently, and the maintainer suggested that it may affect python-daemon as well. He is currently working on a fix for celery.
https://groups.google.com/forum/#!topic/celery-users/iIqBL-kZCBQ
The summary is that worker daemon processes in celery by default will change their umask to 0. Then if they create new files, those files will be world-writable. Looking at PEP 3143, it seems that python-daemon may also have a default umask of 0.
Zero is is not a safe or expected default. The safe default is for a process to not change its inherited umask unless explicitly directed to do so. Having a setting to change it is fine, but the default behavior should be "no change".
The impact of this behavior is that unless a user knows to explicitly set a safe umask on their daemon processes, they could end up with world-writable files without realizing it.
Let me know if it would be helpful to elaborate on why this is insecure.
Michael
More information about the python-daemon-devel
mailing list