On Mon, 02.02.15 12:06, Cristian Rodríguez (crrodrig...@opensuse.org) wrote:

> Using /dev/urandom as a key is valid for swap, do not
> warn if these devices are world readable.
> ---
>  src/cryptsetup/cryptsetup.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c
> index e6b37ac..38930ae 100644
> --- a/src/cryptsetup/cryptsetup.c
> +++ b/src/cryptsetup/cryptsetup.c
> @@ -624,8 +624,10 @@ int main(int argc, char *argv[]) {
>  
>                          /* Ideally we'd do this on the open fd, but since 
> this is just a
>                           * warning it's OK to do this in two steps. */
> -                        if (stat(key_file, &st) >= 0 && (st.st_mode & 0005))
> -                                log_warning("Key file %s is world-readable. 
> This is not a good idea!", key_file);
> +                        if (stat(key_file, &st) >= 0 && (st.st_mode & 0005)) 
> {
> +                                if(!STR_IN_SET(key_file, "/dev/urandom", 
> "/dev/random", "/dev/hw_random"))
> +                                    log_warning("Key file %s is 
> world-readable. This is not a good idea!", key_file);
> +                        }
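
Review bot: The exemption in the new inner if compares key_file against three literal paths, so the same RNG devices reached under any other name (a symlink, or a node created elsewhere) still trigger the warning, and the list needs editing for every new RNG node. stat() has already filled st at this point, so testing the file type in st.st_mode would cover all device nodes without naming them. Separately, the unchanged mask 0005 also matches the world-execute bit, while the message only talks about "world-readable"; 0004 would match the wording. Style: "if(!STR_IN_SET" is missing the space after "if", and the log_warning line under it is indented by four columns where the surrounding code uses eight.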

I'd prefer if we'd change the check instead to only apply to
S_ISREG() files. This way we wouldn't have to list all RNG device
nodes.

Lennart

-- 
Lennart Poettering, Red Hat
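
The S_ISREG() approach suggested in the reply, combined with the "do this on the open fd" remark in the patched comment, as an added example that is not code from the thread or from systemd. The function names, the temporary file path and the choice to test only S_IROTH (rather than the patch's 0005 mask) are assumptions made for this sketch.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical helper: returns 1 if path is a regular file readable by
 * "other", 0 if it is not (this includes device nodes such as
 * /dev/urandom), -1 if it cannot be opened or examined. */
int key_file_world_readable(const char *path) {
        struct stat st;
        int fd, r;

        /* O_NONBLOCK so that a FIFO or slow device cannot stall the check. */
        fd = open(path, O_RDONLY | O_CLOEXEC | O_NOCTTY | O_NONBLOCK);
        if (fd < 0)
                return -1;

        /* fstat() on the open fd: type and mode describe the object that
         * would actually be read, even if the path is replaced afterwards. */
        if (fstat(fd, &st) < 0)
                r = -1;
        else
                r = (S_ISREG(st.st_mode) && (st.st_mode & S_IROTH)) ? 1 : 0;
        close(fd);
        return r;
}

/* Constructed sample input: a temporary regular file with the given mode. */
int check_temp_file(mode_t mode) {
        char path[] = "/tmp/keyfile-demo-XXXXXX";
        int fd, r;

        fd = mkstemp(path);
        if (fd < 0)
                return -1;
        r = fchmod(fd, mode) < 0 ? -1 : key_file_world_readable(path);
        close(fd);
        unlink(path);
        return r;
}

int main(void) {
        printf("0644 regular file: %d\n", check_temp_file(0644));
        printf("0600 regular file: %d\n", check_temp_file(0600));
        printf("/dev/urandom:      %d\n", key_file_world_readable("/dev/urandom"));
        return 0;
}
```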