cryptsetup: warn if keyfiles are world-readable
This commit is contained in:
parent
8973790ee6
commit
5f1dac6bf6
6
TODO
6
TODO
|
@ -158,8 +158,6 @@ Features:
|
|||
|
||||
* use "log level" rather than "log priority" everywhere
|
||||
|
||||
* ensure sd_journal_seek_monotonic actually works properly.
|
||||
|
||||
* timedate: have global on/off switches for auto-time (NTP), and auto-timezone that connman can subscribe to.
|
||||
|
||||
* Honour "-" prefix for InaccessibleDirectories= and ReadOnlyDirectories= to
|
||||
|
@ -366,10 +364,10 @@ Features:
|
|||
- nspawn: make it work for dwalsh and shared /usr containers -- tmpfs mounts as command line parameters, selinux exec context
|
||||
|
||||
* cryptsetup:
|
||||
- cryptsetup-generator: warn if the password files are world-readable
|
||||
- cryptsetup-generator: allow specification of passwords in crypttab itself
|
||||
- move cryptsetup key caching into kernel keyctl?
|
||||
https://bugs.freedesktop.org/show_bug.cgi?id=54982
|
||||
- support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator
|
||||
|
||||
* move debug shell to tty6 and make sure this doesn't break the gettys on tty6
|
||||
|
||||
|
@ -440,8 +438,6 @@ Features:
|
|||
|
||||
* change Requires=basic.target to RequisiteOverride=basic.target
|
||||
|
||||
* support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator
|
||||
|
||||
* when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr
|
||||
|
||||
* move passno parsing to fstab generator
|
||||
|
|
|
@ -497,15 +497,25 @@ int main(int argc, char *argv[]) {
|
|||
crypt_get_volume_key_size(cd)*8,
|
||||
argv[3]);
|
||||
|
||||
if (key_file)
|
||||
k = crypt_activate_by_keyfile_offset(cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_keyfile_size,
|
||||
opt_keyfile_offset, flags);
|
||||
if (key_file) {
|
||||
struct stat st;
|
||||
|
||||
/* Ideally we'd do this on the open
|
||||
* fd, but since this is just a
|
||||
* warning it's OK to do this in two
|
||||
* steps */
|
||||
if (stat(key_file, &st) >= 0 && (st.st_mode & 0005))
|
||||
log_warning("Key file %s is world-readable. That's certainly not a good idea.", key_file);
|
||||
|
||||
k = crypt_activate_by_keyfile_offset(
|
||||
cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_keyfile_size,
|
||||
opt_keyfile_offset, flags);
|
||||
if (k < 0) {
|
||||
log_error("Failed to activate with key file '%s': %s", key_file, strerror(-k));
|
||||
key_file = NULL;
|
||||
continue;
|
||||
}
|
||||
else {
|
||||
} else {
|
||||
char **p;
|
||||
|
||||
STRV_FOREACH(p, passwords) {
|
||||
|
|
Loading…
Reference in New Issue