alpine 3.6
access weakness #250

1

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

Ensure that umask is given most restrictive possible setting.

File Name:

tinyssh/src/tinyssh-20161101/tinyssh-tests/subprocess_signtest.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness.

 #include "randommod.h"
#include "crypto_uint32.h"
#include "subprocess.h"

unsigned char sh[sshcrypto_hash_MAX];
unsigned char sm[sshcrypto_sign_MAX + sshcrypto_hash_MAX];
unsigned char m[sshcrypto_sign_MAX + sshcrypto_hash_MAX];
unsigned long long mlen;
unsigned char sk[sshcrypto_sign_SECRETKEYMAX];
const char *keydir = "./keydir";

static void create(const char *fn, const unsigned char *x, long long xlen) {
    if (savesync(fn, x, xlen) == -1) fail("unable to create test directory");
}

int main(void) {

    long long i, j;
    int fd;

    fd = open_cwd();
    if (fd == -1) fail("open_cwd() failure");

    /* make keydir */
    umask(022);
    if (mkdir(keydir, 0755) == -1) fail("unable to create test directory");
    if (chdir(keydir) == -1) fail("unable to chdir to directory");
    for (i = 0; sshcrypto_keys[i].name; ++i) {

        if (sshcrypto_keys[i].sign_keypair(sshcrypto_keys[i].sign_publickey, sk) != 0) fail("unable to generate key pair");
        umask(022);
        create(sshcrypto_keys[i].sign_publickeyfilename, sshcrypto_keys[i].sign_publickey, sshcrypto_keys[i].sign_publickeybytes);
        umask(077);
        create(sshcrypto_keys[i].sign_secretkeyfilename, sk, sshcrypto_keys[i].sign_secretkeybytes);
        purge(sk, sizeof sk);
    }

    if (fchdir(fd) == -1) fail("fchdir() failure");

    for (i = 0; sshcrypto_keys[i].name; ++i) {

        /* set globals */
        sshcrypto_key_name = sshcrypto_keys[i].name;
        sshcrypto_sign = sshcrypto_keys[i].sign;
        sshcrypto_sign_publickey = sshcrypto_keys[i].sign_publickey;
        sshcrypto_sign_publickeybytes = sshcrypto_keys[i].sign_publickeybytes;
        sshcrypto_sign_secretkeybytes = sshcrypto_keys[i].sign_secretkeybytes;
        sshcrypto_sign_bytes = sshcrypto_keys[i].sign_bytes;
        sshcrypto_sign_secretkeyfilename = sshcrypto_keys[i].sign_secretkeyfilename;
        sshcrypto_hash_bytes = 64; 

The registered trademark Linux® is used pursuant to a sublicense from the Linux Foundation, the exclusive licensee of Linus Torvalds, owner of the mark on a world­wide basis.