alpine 3.7
access weakness #100


Weakness Breakdown


Definition:

An access weakness occurs when software does not properly implement permissions that could have unintended consequences if exploited by malicious actors. An example of this weakness is when a default username and password are set by the developer but do not get changed by the system administrator.

Warning code(s):

Ensure that umask is given the most restrictive possible setting.

File Name:

dovecot/src/dovecot-2.2.36.3/src/lib/file-dotlock.c

Context:

The highlighted line of code below is the trigger point of this particular Alpine 3.7 access weakness. The relevant sequence is the `old_mask = umask(0666)` call before `safe_mkstemp()`: the saved mask is passed back in as the explicit mode (`0666 ^ old_mask`) and restored with `umask(old_mask)` immediately after the call, so the temporary mask only covers the file creation itself.

 		i_assert(lock_info->fd == -1);

		p = strrchr(lock_info->lock_path, '/');

		str_truncate(tmp_path, 0);
		if (temp_prefix != NULL) {
			if (*temp_prefix != '/' && p != NULL) {
				/* add directory */
				str_append_n(tmp_path, lock_info->lock_path,
					     p - lock_info->lock_path);
				str_append_c(tmp_path, '/');
			}
			str_append(tmp_path, temp_prefix);
		} else {
			if (p != NULL) {
				/* add directory */
				str_append_n(tmp_path, lock_info->lock_path,
					     p - lock_info->lock_path);
				str_append_c(tmp_path, '/');
			}
			str_printfa(tmp_path, ".temp.%s.%s.",
				    my_hostname, my_pid);
		}

		old_mask = umask(0666);
		lock_info->fd = safe_mkstemp(tmp_path, 0666 ^ old_mask,
					     (uid_t)-1, (gid_t)-1);
		umask(old_mask);
		if (lock_info->fd == -1)
			return -1;

		if (write_pid) {
			if (file_write_pid(lock_info->fd,
					   str_c(tmp_path),
					   lock_info->set->nfs_flush) < 0) {
				i_close_fd(&lock_info->fd);
				return -1;
			}
		}

                lock_info->temp_path = str_c(tmp_path);
	} else if (fstat(lock_info->fd, &st) < 0) {
		i_error("fstat(%s) failed: %m", lock_info->temp_path);
		return -1;
	} else if (st.st_ctime < now) {
		/* we've been waiting for a while.
		   refresh the file's timestamp. */
		if (utime(lock_info->temp_path, NULL) < 0)
			i_error("utime(%s) failed: %m", lock_info->temp_path);
	} 
