Closed nagisa closed 4 months ago
What do you think about ddbc8f2? I'm not really set up to test it. Also, I'm not sure what platforms this script is supposed to run on and if `mktemp` is available on all of them.
This looks good to me in the context of Linux at least. `mktemp` does exist on Macs and as far as I know BSDs too. Ultimately if people are grabbing the script and integrating it into their systems, more likely than not they will know how to adjust it to work on their system in absence of `mkdir`, whereas if it works, but exposes secrets, it might go by unnoticed.
Yet another option would be to create and set up file before writing data to it:
```
touch file
chmod 0600 file
echo "$key" > file
```
but I'm partial to the `mktemp` variant personally.
Describe the bug
When going to the Info > Automatic Developer Mode Renewal > Script section, the code reads as such:
https://github.com/webosbrew/dev-manager-desktop/blob/669387f8f95e6463e2cc66931eb81780a0746076/src/app/info/renew-script/renew-script.sh#L9-L15
Observe that this script first writes the key to the usually world-readable+sticky-permissions `/tmp/`, and only then chmods the file to 0600 to restrict the access to it. This is racy and it is quite possible that an external observer would be able to open the file before the permissions to it are changed.
Expected behavior
The script should instead utilize the umask mechanism to set a permissions mask before creating the secret key file, thus making it create the private key file with the correct permissions straight away.
An alternative method would be to create a directory within `/tmp`, set the `0700` permissions on it and only then create the file within that directory.
Screenshots
N/A
Additional context
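
The two approaches discussed in this issue (restricting the umask before the key file is created, and `mktemp`), written out as an added example; this is not the project's script and not the ddbc8f2 change. The function names, the `renew-key.XXXXXX` template and the sample key are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: create a secret file that is never readable by other users,
# not even briefly. All names and the sample key below are constructed.

# Variant 1: set the umask first, so the file is created with mode 0600.
# $1 = destination path, $2 = secret
write_secret_umask() {
    (
        # The subshell keeps the umask change from leaking into the caller.
        umask 077
        # noclobber: fail instead of writing into a file that already exists
        # at this path (relevant in a shared directory such as /tmp).
        set -C
        printf '%s\n' "$2" > "$1"
    )
}

# Variant 2: mktemp creates a new file with an unpredictable name, readable
# and writable by the owner only. $1 = secret; prints the path that was created.
write_secret_mktemp() {
    tmp=$(mktemp "${TMPDIR:-/tmp}/renew-key.XXXXXX") || return 1
    printf '%s\n' "$1" > "$tmp" || { rm -f "$tmp"; return 1; }
    printf '%s\n' "$tmp"
}

# Portable way to read a file's mode as the ls-style string.
file_mode() {
    ls -ld "$1" | cut -c1-10
}

# Demo with a constructed key inside a private scratch directory.
scratch=$(mktemp -d) && {
    write_secret_umask "$scratch/key" "constructed-sample-key"
    file_mode "$scratch/key"    # -rw-------
    rm -rf "$scratch"
}
```
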