[Secure-testing-team] Bug#728092: ifupdown: ifup -v displays wpa-password in cleartext
Thorsten Glaser
tg at mirbsd.de
Mon Oct 28 10:25:38 UTC 2013
Package: ifupdown
Version: 0.7.45
Severity: grave
Tags: security
Justification: user security hole
I’ve got a configuration snippet in /etc/network/interfaces (chmod 0600,
root-owned) on my work laptop like the following one:
iface tarent-lan inet dhcp
    wireless-mode Managed
    wireless-essid tarent-lan
    wpa-ssid tarent-lan
    wpa-key-mgmt WPA-EAP
    wpa-identity tglase
    wpa-password xxx
This is for “enterprise” WPA, which was introduced here last week.
Now I normally run “sudo ifup -v wlan0=tarent-lan” to activate it,
but ifupdown then displays the wpa-password in cleartext.
This does *not* happen for “regular” WPA, like this (from FOSDEM):
iface bruxelles inet dhcp
    wireless-mode Managed
    wireless-essid "HOTEL-BEVERLY-HILLS 3"
    wpa-ssid "HOTEL-BEVERLY-HILLS 3"
    wpa-psk xxx
Please hide this information.
Additionally, it would be very nice if I could write the passwords
(both wpa-psk and wpa-password) into a *separate* file, so access
to /e/n/i need not be restricted that much. I’ve not got a good
feeling having my LDAP password written there in plaintext…
-- System Information:
Debian Release: jessie/sid
APT prefers unstable
APT policy: (500, 'unstable')
Architecture: amd64 (x86_64)
Kernel: Linux 3.11-1-amd64 (SMP w/2 CPU cores)
Locale: LANG=C, LC_CTYPE=en_GB.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/lksh
Versions of packages ifupdown depends on:
ii file-rc 0.8.16
ii initscripts 2.88dsf-43
ii iproute2 3.11.0-1
ii libc6 2.17-93
ii lsb-base 4.1+Debian12
Versions of packages ifupdown recommends:
ii isc-dhcp-client [dhcp-client] 4.2.4-7
Versions of packages ifupdown suggests:
ii net-tools 1.60-25
ii ppp 2.4.5-5.2
pn rdnssd <none>
-- no debconf information
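The problem reported above is that verbose ifup output carries the wpa-password value along with the rest of the stanza. As an added example (not the reporter's code and not part of ifupdown), the following POSIX sh filter masks the values of the secret-carrying options named in the report so that such output, or a copy of the interfaces file, can be logged or pasted into a bug report without the credential; it also provides a check for whether a given interfaces file holds a secret and therefore needs the 0600 root-owned permissions the reporter uses. The option name wpa-passphrase and the sample lines are assumptions; the real ifupdown verbose output format is not reproduced.

```shell
#!/bin/sh
# Added example, not code from the bug report or from ifupdown: mask the
# values of secret-carrying /etc/network/interfaces options so verbose ifup
# output can be shared safely, e.g.
#   sudo ifup -v wlan0=tarent-lan 2>&1 | redact_wpa_secrets

# Options whose values are secrets. wpa-psk and wpa-password come from the
# report; wpa-passphrase is an assumption added for completeness.
SECRET_KEYS='wpa-psk|wpa-password|wpa-passphrase'

# Replace the value after each secret key with [REDACTED]. Handles the
# "key value" stanza form, a "key=value" form, and double-quoted values that
# contain spaces (the report's wpa-ssid "HOTEL-BEVERLY-HILLS 3" shows that
# quoted values with spaces occur). Non-secret options pass through unchanged.
redact_wpa_secrets() {
    sed -E 's/(^|[^[:alnum:]_-])('"$SECRET_KEYS"')([[:space:]]+|=)("[^"]*"|[^[:space:]]+)/\1\2\3[REDACTED]/g'
}

# Exit 0 if FILE contains a secret-carrying option, i.e. it is a file whose
# permissions must stay restricted (the reporter's chmod 0600, root-owned).
interfaces_has_secret() {
    grep -Eq '^[[:space:]]*('"$SECRET_KEYS"')([[:space:]]|=)' "$1"
}

# Constructed sample resembling the stanzas in the report, with placeholder
# secrets; this is not real ifupdown output.
SAMPLE='iface tarent-lan inet dhcp
    wpa-ssid tarent-lan
    wpa-key-mgmt WPA-EAP
    wpa-identity tglase
    wpa-password hunter2
iface bruxelles inet dhcp
    wpa-ssid "HOTEL-BEVERLY-HILLS 3"
    wpa-psk "correct horse battery"'

printf '%s\n' "$SAMPLE" | redact_wpa_secrets
```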