make_certificate.sh has two serious security problems (which is way too
much for a 4 line shell script!).
1) It overrides the pseudo-random number generator's seed with a predictable
value: it tries to compress /var/log/system.log and use it as a seed for
the PRNG. This is silly for two reasons:
a) if /var/log/system.log exists on a given system, the result is quite
predictable (an attacker would have to either steal the system.log and try
compressing all possible truncations of that file to guess the PRNG output,
which isn't so hard, or try to guess its contents, which is still easier
than trying to brute force the key).
b) if /var/log/system.log doesn't exist (true for almost all Linux
distributions), this results in an empty file being used for seeding the
PRNG and the outcome is 100% predictable!
One shouldn't override openssl's PRNG handling without a good reason, and
when implemented the way it is in make_certificate.sh, it results in a
gigantic security hole.
All 3 lines that mess with OpenSSL's PRNG should be eliminated; otherwise
they defeat the purpose of SSL by making it easily crackable.
2) umask 077 should be set before generating the PEM key+certificate file,
otherwise the file ends up being world-readable. The file which holds the
private key! This is obviously insecure.
I'm attaching a patch against SVN that fixes both issues.
Original issue reported on code.google.com by aleksand...@gmail.com on 29 Sep 2008 at 10:04
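As an added illustration of both fixes the report asks for (this is example code, not the project's make_certificate.sh or the attached patch): a generator that sets umask 077 before OpenSSL creates the PEM file and leaves OpenSSL's default seeding alone, plus a helper that shows what permission bits a newly created file gets under a given umask. Output path and subject are placeholders.

```shell
#!/bin/sh
# Added example, not the project's script. Assumes a POSIX sh, ls, cut,
# mktemp and the openssl CLI; "$out" and "$subj" are placeholder values.
set -eu

# Permission string (owner/group/other, 9 chars) that a file created under
# the given umask receives. Shows why umask must precede key generation:
# fixing the mode after the fact leaves a window where the key is readable.
mode_under_umask() {
    f=$(mktemp)
    rm -f "$f"
    (umask "$1"; : > "$f")
    m=$(ls -ld "$f" | cut -c2-10)
    rm -f "$f"
    echo "$m"
}

# Generate a self-signed key+certificate PEM at "$out".
# Differences from the reported script:
#  - umask 077 is set *before* openssl creates the file, so the private key
#    is never world-readable, not even briefly;
#  - no -rand / RANDFILE seeding from /var/log/system.log; OpenSSL's own
#    seeding from the operating system entropy source is left untouched.
make_certificate() {
    out=$1
    subj=${2:-/CN=localhost}
    umask 077
    openssl req -x509 -newkey rsa:2048 -nodes -days 365 -subj "$subj" \
        -keyout "$out" -out "$out.crt" 2>/dev/null
    # Append the certificate to the key file so one PEM holds both.
    cat "$out.crt" >> "$out" && rm -f "$out.crt"
    printf '%s\n' "$out"
}

# Group/other permission bits of a file; "------" means owner-only access.
other_bits() {
    ls -ld "$1" | cut -c5-10
}
```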