Bug #40241

Encryption key sometimes readable for anybody

Added by Andreas Wolf about 9 years ago. Updated almost 9 years ago.

Status:
Rejected
Priority:
Must have
Assignee:
-
Category:
Security
Target version:
-
Start date:
2012-08-26
Due date:
% Done:

0%

Estimated time:
PHP Version:
Has patch:
No
Complexity:

Description

The encryption key is (on *NIX) generated with the current umask. On most systems, this is something like 0022, making the file readable for anybody. If the key is supposed to be kept secret (which I assume), this might pose a security risk.

This issue could be easily fixed by using chmod() or touch() in Security\Cryptography\HashService.

#1

Updated by Karsten Dambekalns about 9 years ago

Off the top of my head I'd respond with "then most systems seem be set up in an insecure way". :/

#2

Updated by Andreas Wolf about 9 years ago

Karsten Dambekalns wrote:

Off the top of my head I'd respond with "then most systems seem be set up in an insecure way". :/

Kind of, yes. But there is data where it doesn't harm that everybody can read them, and others that should be kept secret. I'd say the encryption key is rather of the lattter kind...

#3

Updated by Robert Lemke almost 9 years ago

  • Status changed from New to Rejected

We generally don't set umasks or owners / groups while creating files because server setups may vary a lot. If I'm not completely mistaken, this can always be solved by a proper server setup and as I experienced in the past, interfering with such as setup (by using chmod) might cause trouble.

I'll close this for now. If there is a bullet-proof solution with proof that it won't have side effects on typical server setups, you can re-open it.

Also available in: Atom PDF