From c4415fd57d6f3428a2dbd7578db1a10b1ad4d7c6 Mon Sep 17 00:00:00 2001 From: Michael Hanselmann Date: Fri, 19 Dec 2008 19:30:17 +0000 Subject: [PATCH] ganeti.bootstrap: Write SSL key to temporary file and set permissions Previously, we set the permissions only after writing the key. This gave other users on the system a small window during which they could read the key. Reviewed-by: amishchenko --- lib/bootstrap.py | 30 +++++++++++++++++++++--------- 1 file changed, 21 insertions(+), 9 deletions(-) diff --git a/lib/bootstrap.py b/lib/bootstrap.py index 16daf53..7bef3fa 100644 --- a/lib/bootstrap.py +++ b/lib/bootstrap.py @@ -28,6 +28,7 @@ import os.path import sha import re import logging +import tempfile from ganeti import rpc from ganeti import ssh @@ -76,15 +77,26 @@ def _GenerateSelfSignedSslCert(file_name, validity=(365 * 5)): @param validity: Validity for certificate in days """ - result = utils.RunCmd(["openssl", "req", "-new", "-newkey", "rsa:1024", - "-days", str(validity), "-nodes", "-x509", - "-keyout", file_name, "-out", file_name, "-batch"]) - if result.failed: - raise errors.OpExecError("Could not generate SSL certificate, command" - " %s had exitcode %s and error message %s" % - (result.cmd, result.exit_code, result.output)) - - os.chmod(file_name, 0400) + (fd, tmp_file_name) = tempfile.mkstemp(dir=os.path.dirname(file_name)) + try: + # Set permissions before writing key + os.chmod(tmp_file_name, 0600) + + result = utils.RunCmd(["openssl", "req", "-new", "-newkey", "rsa:1024", + "-days", str(validity), "-nodes", "-x509", + "-keyout", tmp_file_name, "-out", tmp_file_name, + "-batch"]) + if result.failed: + raise errors.OpExecError("Could not generate SSL certificate, command" + " %s had exitcode %s and error message %s" % + (result.cmd, result.exit_code, result.output)) + + # Make read-only + os.chmod(tmp_file_name, 0400) + + os.rename(tmp_file_name, file_name) + finally: + utils.RemoveFile(tmp_file_name) def _InitGanetiServerSetup(): -- 1.7.10.4