summaryrefslogtreecommitdiff
blob: e2a6414ef05b736844b80d0917c4435f694a2778 (plain)
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
From 0adec29674561034771c13e446069b41ef41e4d4 Mon Sep 17 00:00:00 2001
From: Michael Chang <mchang@suse.com>
Date: Fri, 3 Dec 2021 16:13:28 +0800
Subject: grub-mkconfig: Restore umask for the grub.cfg

The commit ab2e53c8a (grub-mkconfig: Honor a symlink when generating
configuration by grub-mkconfig) has inadvertently discarded umask for
creating grub.cfg in the process of running grub-mkconfig. The resulting
wrong permission (0644) would allow unprivileged users to read GRUB
configuration file content. This presents a low confidentiality risk
as grub.cfg may contain non-secured plain-text passwords.

This patch restores the missing umask and sets the creation file mode
to 0600 preventing unprivileged access.

Fixes: CVE-2021-3981

Signed-off-by: Michael Chang <mchang@suse.com>
Reviewed-by: Daniel Kiper <daniel.kiper@oracle.com>
---
 util/grub-mkconfig.in | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/util/grub-mkconfig.in b/util/grub-mkconfig.in
index c3ea761..62335d0 100644
--- a/util/grub-mkconfig.in
+++ b/util/grub-mkconfig.in
@@ -301,7 +301,10 @@ and /etc/grub.d/* files or please file a bug report with
     exit 1
   else
     # none of the children aborted with error, install the new grub.cfg
+    oldumask=$(umask)
+    umask 077
     cat ${grub_cfg}.new > ${grub_cfg}
+    umask $oldumask
     rm -f ${grub_cfg}.new
   fi
 fi
-- 
cgit v1.1