alpine 3.6
access weakness #434

1

Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions, which can have unintended consequences if exploited by malicious actors. An example of this weakness is a default username and password that are set by the developer but never changed by the system administrator.

Warning code(s):

Ensure that umask is given the most restrictive possible setting.

File Name:

libotr/src/libotr-4.1.1/src/privkey.c

Context:

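The highlighted line of code below is the trigger point of this particular Alpine 3.6 access weakness. The highlighting has not survived in this listing; going by the warning text above, the flagged line is presumably one of the `umask` calls in `privkey_fopen`. The call shown there passes 077, which removes all group and other permission bits from a newly created file, so the warning is a prompt to review the mask rather than proof that it is too permissive.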

     if (err) {
	return err;
    }
    err = gcry_pk_genkey(&key, parms);
    gcry_sexp_release(parms);
    if (err) {
	return err;
    }

    /* Extract the privkey */
    ppc->privkey = gcry_sexp_find_token(key, "private-key", 0);
    gcry_sexp_release(key);

    return gcry_error(GPG_ERR_NO_ERROR);
}

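/*
 * Open the private-key file `filename` for binary read/write ("w+b":
 * create it, or truncate it if it already exists) and return the stream.
 *
 * On non-Windows builds the file is restricted to its owner:
 *   - the umask is set to 077 around fopen() so that a newly created
 *     file never has group/other permission bits, and
 *   - the mode is then forced to 0600 with fchmod(), because the umask
 *     is only consulted when the file is created; an already existing
 *     file would otherwise keep whatever mode it had.
 *
 * Returns NULL on failure.  If `errp` is non-NULL it receives the
 * gcrypt error derived from errno; it is left untouched on success.
 *
 * NOTE(review): umask() changes the mask of the whole process, so any
 * other thread that creates a file between the two umask() calls sees
 * the temporary 077 mask.  Creating the file with an explicit mode
 * instead of adjusting the umask would avoid that window; not done here
 * because it needs headers this function cannot assume are included.
 */
static FILE* privkey_fopen(const char *filename, gcry_error_t *errp)
{
    FILE *privf;
#ifndef WIN32
    mode_t oldmask;

    oldmask = umask(077);
#endif
    privf = fopen(filename, "w+b");
    if (!privf && errp) {
	/* Read errno before anything else can overwrite it. */
	*errp = gcry_error_from_errno(errno);
    }
#ifndef WIN32
    /* Restore the caller's mask whether or not the open succeeded. */
    umask(oldmask);

    /* Tighten a pre-existing file too; fail closed if that is not
     * possible, so key material is never written to a file that other
     * users may be able to read. */
    if (privf && fchmod(fileno(privf), 0600) != 0) {
	int saved_errno = errno;

	fclose(privf);
	privf = NULL;
	if (errp) {
	    *errp = gcry_error_from_errno(saved_errno);
	}
    }
#endif
    return privf;
}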

/* Call this from the main thread only, in the event that the background
 * thread generating the key is cancelled.  The newkey is deallocated,
 * and must not be used further. */
void otrl_privkey_generate_cancelled(OtrlUserState us, void *newkey)
{
    struct s_pending_privkey_calc *ppc =
	    (struct s_pending_privkey_calc *)newkey;

    if (us) {
	pending_forget(pending_find(us, ppc->accountname, ppc->protocol));
    }

    /* Deallocate ppc */
    free(ppc->accountname); 
