search

maxmind / geoipupdate

GeoIP update client code
Apache License 2.0
729 stars 142 forks source link

Incorrect default permissions for /etc/GeoIP.conf (world-readable) #328

Open robert-scheck opened 3 months ago

robert-scheck commented 3 months ago

Since MaxMind does not offer any GeoIP/GeoLite data services anymore when not being registered with MaxMind, the current permissions of /etc/GeoIP.conf are incorrect from my point of view, because world-readable is too relaxed and causes by default the leak of the credentials to other local (unprivileged) Linux system users (who could copy them to third-party systems or whatever):

Name        : geoipupdate
Epoch       : 0
Version     : 7.0.1
Release     : 1
Architecture: x86_64
Install Date: (not installed)
Group       : 
Size        : 5642415
License     : Apache 2.0 or MIT
Signature   : (none)
Source RPM  : geoipupdate-7.0.1-1.src.rpm
Build Date  : Mo 08 Apr 2024 23:30:08 CEST
Build Host  : work
Packager    : MaxMind, Inc. <support@maxmind.com>
Vendor      : MaxMind, Inc.
URL         : https://www.maxmind.com/
Summary     : Program to perform automatic updates of GeoIP2 and GeoLite2 binary databases.
Description :
Program to perform automatic updates of GeoIP2 and GeoLite2 binary databases.
-rw-r--r--    1 root     root                     1913 Apr  8 23:30 /etc/GeoIP.conf
-rwxr-xr-x    1 root     root                  5595288 Apr  8 23:30 /usr/bin/geoipupdate
drwxr-xr-x    2 root     root                        0 Apr  8 23:30 /usr/share/GeoIP
-rw-r--r--    1 root     root                    13221 Apr  8 23:29 /usr/share/doc/geoipupdate/CHANGELOG.md
-rw-r--r--    1 root     root                     1913 Apr  8 23:30 /usr/share/doc/geoipupdate/GeoIP.conf
-rw-r--r--    1 root     root                     3545 Apr  8 23:30 /usr/share/doc/geoipupdate/GeoIP.conf.md
-rw-r--r--    1 root     root                    11360 Apr  1 21:31 /usr/share/doc/geoipupdate/LICENSE-APACHE
-rw-r--r--    1 root     root                     1023 Jul 31  2020 /usr/share/doc/geoipupdate/LICENSE-MIT
-rw-r--r--    1 root     root                     4379 Apr  8 23:20 /usr/share/doc/geoipupdate/README.md
-rw-r--r--    1 root     root                     2509 Apr  8 23:30 /usr/share/doc/geoipupdate/geoipupdate.md
-rw-r--r--    1 root     root                     3083 Apr  8 23:30 /usr/share/man/man1/geoipupdate.1
-rw-r--r--    1 root     root                     4181 Apr  8 23:30 /usr/share/man/man5/GeoIP.conf.5

From my point of view, the permissions should be 0640 instead of 0644 aka world-readable. System administrators that want to relax the permissions for specific purposes should explicitly do so themself.

oschwald commented 3 months ago

I agree that it would be better if this file was not world-readable. This would likely be a breaking change for some users. We will likely hold off changing this until we release a new major version.