[Secure-testing-team] Bug#548909: xen-tools: xen-create-image creates world readable disk image files
John Lightsey
lightsey at debian.org
Tue Sep 29 15:50:08 UTC 2009
Package: xen-tools
Version: 3.9-4
Severity: grave
Tags: security
Justification: user security hole
I'm tagging this security, though common best practices would suggest that access
to the Dom0 should be severely restricted to begin with.
When xen-create-image is used to create a file based DomU, the disk image files
will have world readable permissions on a typical system with default umask
settings. This means that all accounts on the Dom0 will have full access to the data
on the DomU. The fix is to simply to alter createLoopbackImages() to chmod 0600 the
image files after they are created with DD and before the filesystem is initialized
or to simply to adjust the umask before running dd.
This problem exists in both the stable 3.9 version of xen-tools and the unstable 4.1
version.
-- System Information:
Debian Release: 5.0.3
APT prefers stable
APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Kernel: Linux 2.6.26-1-xen-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash
Versions of packages xen-tools depends on:
ii debootstrap 1.0.10lenny1 Bootstrap a basic Debian system
ii libconfig-inifiles-perl 2.39-5 Read .ini-style configuration file
ii libtext-template-perl 1.44-1.2 Text::Template perl module
ii perl-modules 5.10.0-19lenny2 Core Perl modules
Versions of packages xen-tools recommends:
ii libexpect-perl 1.20-1 Expect.pm - Perl Expect interface
ii reiserfsprogs 1:3.6.19-6 User-level tools for ReiserFS file
ii rinse 1.3-2 RPM installation environment
ii xen-hypervisor-3.2-1-amd64 3.2.1-2.jd1 The Xen Hypervisor on AMD64
ii xen-shell 1.8-3 Console based Xen administration u
ii xfsprogs 2.9.8-1lenny1 Utilities for managing the XFS fil
xen-tools suggests no packages.
-- no debconf information
More information about the Secure-testing-team
mailing list