Control: tags -1 patch On Sat, Nov 21, 2015 at 08:52:29AM +0100, Paul Gevers wrote: > On 20-11-15 15:07, Simon Ruderich wrote: >> dbconfig-common creates a backup of the database on update and >> stores it in /var/cache/dbconfig-common/backups/. However the >> permissions are readable for all users which might expose >> sensitive data to all local users. > > Could you please provide more info, like which package you worked with > and which database type? The dbconfig-common package has mysql upgrade > examples and they work correctly:
Hello Paul, I just checked the source and found the problem. The backup file is touched before setting the umask, thus creating it with the insecure permissions. Attached is a patch against the version in Jessie (and another for sid). Regards Simon -- + privacy is necessary + using gnupg http://gnupg.org + public key id: 0x92FEFDB7E44C32F9
--- /usr/share/dbconfig-common/internal/pgsql.orig 2014-11-02 21:54:07.000000000 +0100 +++ /usr/share/dbconfig-common/internal/pgsql 2015-11-21 13:49:04.863637686 +0100 @@ -174,14 +174,14 @@ local extra retval PGSSLMODE localuser _dbc_asuser dumpfile old_umask dumpfile=$1 localuser=`_dbc_psql_local_username` - touch $dumpfile - chown $localuser $dumpfile PGSSLMODE="prefer" retval=0 _dbc_psql_cmd_setup if [ "$dbc_ssl" ]; then PGSSLMODE="require"; fi old_umask=`umask` umask 0066 + touch $dumpfile + chown $localuser $dumpfile extra=`_dbc_psql_cmd_args` extra="-f \"$dumpfile\" $extra" _dbc_debug "su -s /bin/sh $localuser -c \"env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra $dbc_dbname\" 2>&1"
--- internal/pgsql.orig 2015-11-21 13:53:12.044106639 +0100 +++ internal/pgsql 2015-11-21 13:53:50.944337903 +0100 @@ -181,14 +181,14 @@ local extra retval PGSSLMODE localuser _dbc_asuser dumpfile old_umask dumpfile=$1 localuser=`_dbc_psql_local_username` - touch $dumpfile - chown $localuser $dumpfile PGSSLMODE="prefer" retval=0 _dbc_psql_cmd_setup if [ "${dbc_ssl:-}" ]; then PGSSLMODE="require"; fi old_umask=`umask` umask 0066 + touch $dumpfile + chown $localuser $dumpfile extra=`_dbc_psql_cmd_args` extra="-f \"$dumpfile\" $extra" _dbc_debug "su -s /bin/sh $localuser -c \"env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra $dbc_dbname\" 2>&1"
signature.asc
Description: PGP signature