Closed nagisa closed 4 months ago
throwaway96
commented
4 months ago What do you think about ddbc8f2? I'm not really set up to test it. Also, I'm not sure what platforms this script is supposed to run on and if mktemp is available on all of them.
nagisa
commented
4 months ago This looks good for me in context of linux at least. mktemp does exist on macs and as far as I know BSDs too. Ultimately if people are grabbing the script and integrating it into their systems, more likely than not they will know how to adjust it to work on their system in absence of mkdir, whereas if it works, but exposes secrets, it might go by unnoticed.
Yet another option would be to create and set up file before writing data to it:
touch file
chmod 0600 file
echo "$key" > filebut I'm partial to the mktemp variant personally.
Describe the bug
When going to the Info > Automatic Developer Mode Renewal > Script section, the code reads as such:
https://github.com/webosbrew/dev-manager-desktop/blob/669387f8f95e6463e2cc66931eb81780a0746076/src/app/info/renew-script/renew-script.sh#L9-L15
Observe that this script first writes the key to the usually world-readable+sticky-permissions
/tmp/, and only then chmods the file to 0600 to restrict the access to it.This is racy and it is quite possible that an external observer would be able to open the file before the permissions to it are changed.
Expected behavior
The script should instead utilize the umask mechanism to set a permissions mask before creating the secret key file, thus making it create the private key file with the correct permissions straight away.
An alternative method would be to create a directory within
/tmp, set the0700permissions on it and only then create the file within that directory.Screenshots
N/A
Additional context