Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Use of wpa_cli leaves in raspi-config wpa_supplicant file world readable #202

Open
vtcifer opened this issue Oct 22, 2022 · 2 comments
Open

Comments

@vtcifer
Copy link

vtcifer commented Oct 22, 2022

The wpa_cli wrapper that raspi-config uses uses to setup access to wireless networks leaves /etc/wpa_supplicant/wpa_supplicant.conf file world readable:

root@raspberrypi:/etc/wpa_supplicant# ls -al
total 52
drwxr-xr-x  2 root root  4096 Oct 22 18:27 .
drwxr-xr-x 82 root root  4096 Sep 21 23:17 ..
-rwxr-xr-x  1 root root   937 Feb 25  2021 action_wpa.sh
-rw-r--r--  1 root root 25569 Feb 25  2021 functions.sh
-rwxr-xr-x  1 root root  4696 Feb 25  2021 ifupdown.sh
-rw-------  1 root root    73 Oct 22 18:27 wpa_supplicant.conf
root@raspberrypi:/etc/wpa_supplicant# raspi-config nonint do_wifi_ssid_passphrase  "Foo" "Bar" "0" "1"
root@raspberrypi:/etc/wpa_supplicant# ls -al
total 52
drwxr-xr-x  2 root root  4096 Oct 22 18:28 .
drwxr-xr-x 82 root root  4096 Sep 21 23:17 ..
-rwxr-xr-x  1 root root   937 Feb 25  2021 action_wpa.sh
-rw-r--r--  1 root root 25569 Feb 25  2021 functions.sh
-rwxr-xr-x  1 root root  4696 Feb 25  2021 ifupdown.sh
-rw-r--r--  1 root root    72 Oct 22 18:28 wpa_supplicant.conf
root@raspberrypi:/etc/wpa_supplicant#

While fixing wpa_cli to not leave this file with passwords in it world readable is certainly out of scope for here, addressing the fact that it happens isn't. Fixing permissions to 600 after executing is likely needed here (as is done in other places when raspi-confg / wpa_cli isn't used, for example the rpi-imager has code that deals specifically with changing the permissions on this file, see link below).

https://github.com/raspberrypi/rpi-imager/blob/9d4665dbcac67d54c7c7e62690979580ce4c7349/src/OptionsPopup.qml#L723-L732

@XECDesign
Copy link
Member

Thanks for the report.

Using chmod would still allow the config file to be read for a brief moment, so that might be a bit less than ideal.

I've updated dhcpcd's wpa_supplicant hook to run it with a umask of 0077, which makes sure that wpa_supplicant.conf is always saved with 600. This update should be public once I've done a bit more testing to make sure it doesn't cause other issues.

@XECDesign
Copy link
Member

Updated version of dhcpcd has gone up.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants