alpine 3.6
access weakness #121

1

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

Ensure that umask is given most restrictive possible setting.

File Name:

openrc/src/openrc-0.24.1/src/rc/checkpath.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness.

 			flags = O_CREAT|O_NDELAY|O_WRONLY|O_NOCTTY;
#ifdef O_CLOEXEC
			flags |= O_CLOEXEC;
#endif
#ifdef O_NOFOLLOW
			flags |= O_NOFOLLOW;
#endif
			if (trunc)
				flags |= O_TRUNC;
			u = umask(0);
			fd = open(path, flags, mode);
			umask(u);
			if (fd == -1) {
				eerror("%s: open: %s", applet, strerror(errno));
				return -1;
			}
			close (fd);
		} else if (type == inode_dir) {
			einfo("%s: creating directory", path);
			if (!mode) /* 775 */
				mode = S_IRWXU | S_IRWXG | S_IROTH | S_IXOTH;
			u = umask(0);
			/* We do not recursively create parents */
			r = mkdir(path, mode);
			umask(u);
			if (r == -1 && errno != EEXIST) {
				eerror("%s: mkdir: %s", applet,
				    strerror (errno));
				return -1;
			}
			mode = 0;
		} else if (type == inode_fifo) {
			einfo("%s: creating fifo", path);
			if (!mode) /* 600 */
				mode = S_IRUSR | S_IWUSR;
			u = umask(0);
			r = mkfifo(path, mode);
			umask(u);
			if (r == -1 && errno != EEXIST) {
				eerror("%s: mkfifo: %s", applet,
				    strerror (errno));
				return -1;
			}
		}
	} else {
		if (type != inode_dir && S_ISDIR(st.st_mode)) {
			eerror("%s: is a directory", path);
			return 1;
		}
		if (type != inode_file && S_ISREG(st.st_mode)) { 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.