John Lightsey
2009-Sep-29 15:50 UTC
[Secure-testing-team] Bug#548909: xen-tools: xen-create-image creates world readable disk image files
Package: xen-tools Version: 3.9-4 Severity: grave Tags: security Justification: user security hole I''m tagging this security, though common best practices would suggest that access to the Dom0 should be severely restricted to begin with. When xen-create-image is used to create a file based DomU, the disk image files will have world readable permissions on a typical system with default umask settings. This means that all accounts on the Dom0 will have full access to the data on the DomU. The fix is to simply to alter createLoopbackImages() to chmod 0600 the image files after they are created with DD and before the filesystem is initialized or to simply to adjust the umask before running dd. This problem exists in both the stable 3.9 version of xen-tools and the unstable 4.1 version. -- System Information: Debian Release: 5.0.3 APT prefers stable APT policy: (500, ''stable'') Architecture: amd64 (x86_64) Kernel: Linux 2.6.26-1-xen-amd64 (SMP w/4 CPU cores) Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/bash Versions of packages xen-tools depends on: ii debootstrap 1.0.10lenny1 Bootstrap a basic Debian system ii libconfig-inifiles-perl 2.39-5 Read .ini-style configuration file ii libtext-template-perl 1.44-1.2 Text::Template perl module ii perl-modules 5.10.0-19lenny2 Core Perl modules Versions of packages xen-tools recommends: ii libexpect-perl 1.20-1 Expect.pm - Perl Expect interface ii reiserfsprogs 1:3.6.19-6 User-level tools for ReiserFS file ii rinse 1.3-2 RPM installation environment ii xen-hypervisor-3.2-1-amd64 3.2.1-2.jd1 The Xen Hypervisor on AMD64 ii xen-shell 1.8-3 Console based Xen administration u ii xfsprogs 2.9.8-1lenny1 Utilities for managing the XFS fil xen-tools suggests no packages. -- no debconf information