From patchwork Thu Mar 16 14:03:47 2017
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Timothy Redaelli <tredaelli@redhat.com>
X-Patchwork-Id: 739834
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Received: from mail.linuxfoundation.org (mail.linuxfoundation.org
	[140.211.169.12])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256
	bits)) (No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 3vkVZZ2b8xz9ryZ
	for <incoming@patchwork.ozlabs.org>;
	Fri, 17 Mar 2017 01:04:05 +1100 (AEDT)
Received: from mail.linux-foundation.org (localhost [127.0.0.1])
	by mail.linuxfoundation.org (Postfix) with ESMTP id 6F3E5B1F;
	Thu, 16 Mar 2017 14:04:02 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@mail.linuxfoundation.org
Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org
	[172.17.192.35])
	by mail.linuxfoundation.org (Postfix) with ESMTPS id 1F383B1E
	for <dev@openvswitch.org>; Thu, 16 Mar 2017 14:04:01 +0000 (UTC)
X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6
Received: from mx1.redhat.com (mx1.redhat.com [209.132.183.28])
	by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 9077B1D6
	for <dev@openvswitch.org>; Thu, 16 Mar 2017 14:04:00 +0000 (UTC)
Received: from smtp.corp.redhat.com
	(int-mx01.intmail.prod.int.phx2.redhat.com [10.5.11.11])
	(using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits))
	(No client certificate requested)
	by mx1.redhat.com (Postfix) with ESMTPS id 01B8E64F4
	for <dev@openvswitch.org>; Thu, 16 Mar 2017 14:04:01 +0000 (UTC)
DMARC-Filter: OpenDMARC Filter v1.3.2 mx1.redhat.com 01B8E64F4
Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com;
	dmarc=none (p=none dis=none) header.from=redhat.com
Authentication-Results: ext-mx09.extmail.prod.ext.phx2.redhat.com;
	spf=pass smtp.mailfrom=tredaelli@redhat.com
DKIM-Filter: OpenDKIM Filter v2.11.0 mx1.redhat.com 01B8E64F4
Received: from graphite.mxp.redhat.com (dhcp-176-62.mxp.redhat.com
	[10.32.176.62])
	by smtp.corp.redhat.com (Postfix) with ESMTP id D9C325C469;
	Thu, 16 Mar 2017 14:03:56 +0000 (UTC)
From: Timothy Redaelli <tredaelli@redhat.com>
To: dev@openvswitch.org
Date: Thu, 16 Mar 2017 15:03:47 +0100
Message-Id: 
 <be41432d52cb0095a048b84439e2506550df6c49.1489661081.git.tredaelli@redhat.com>
X-Scanned-By: MIMEDefang 2.79 on 10.5.11.11
X-Greylist: Sender IP whitelisted, not delayed by milter-greylist-4.5.16
	(mx1.redhat.com [10.5.110.38]);
	Thu, 16 Mar 2017 14:04:01 +0000 (UTC)
X-Spam-Status: No, score=-6.9 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_HI,
	RP_MATCHES_RCVD autolearn=ham version=3.3.1
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	smtp1.linux-foundation.org
Subject: [ovs-dev] [RFC] make logs readable only by owner
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.12
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
	<mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
MIME-Version: 1.0
Sender: ovs-dev-bounces@openvswitch.org
Errors-To: ovs-dev-bounces@openvswitch.org

The Open vSwitch log directory and files are currently set world readable.

However, since only Open vSwitch users and processes need to access this
directory and files there is no need to allow the world to access them,
since it can result in the exposure of sensitive information.

Signed-off-by: Timothy Redaelli <tredaelli@redhat.com>
---
 lib/vlog.c           | 2 +-
 utilities/ovs-lib.in | 5 +++--
 utilities/ovs-pki.in | 2 +-
 3 files changed, 5 insertions(+), 4 deletions(-)

I didn't change the MKDIR_P in automake.mk since it will be removed in
https://patchwork.ozlabs.org/patch/737029/

diff --git a/lib/vlog.c b/lib/vlog.c
index 333337b..6f709fd 100644
--- a/lib/vlog.c
+++ b/lib/vlog.c
@@ -360,7 +360,7 @@ vlog_set_log_file(const char *file_name)
     new_log_file_name = (file_name
                          ? xstrdup(file_name)
                          : xasprintf("%s/%s.log", ovs_logdir(), program_name));
-    new_log_fd = open(new_log_file_name, O_WRONLY | O_CREAT | O_APPEND, 0666);
+    new_log_fd = open(new_log_file_name, O_WRONLY | O_CREAT | O_APPEND, 0600);
     if (new_log_fd < 0) {
         VLOG_WARN("failed to open %s for logging: %s",
                   new_log_file_name, ovs_strerror(errno));
diff --git a/utilities/ovs-lib.in b/utilities/ovs-lib.in
index 93085ca..3e6f340 100644
--- a/utilities/ovs-lib.in
+++ b/utilities/ovs-lib.in
@@ -150,13 +150,14 @@ version_geq() {
 
 install_dir () {
     DIR="$1"
+    INSTALL_MODE="${2:-755}"
     INSTALL_USER="root"
     INSTALL_GROUP="root"
     [ "$OVS_USER" != "" ] && INSTALL_USER="${OVS_USER%:*}"
     [ "${OVS_USER##*:}" != "" ] && INSTALL_GROUP="${OVS_USER##*:}"
 
     if test ! -d "$DIR"; then
-        install -d -m 755 -o "$INSTALL_USER" -g "$INSTALL_GROUP" "$DIR"
+        install -d -m "$INSTALL_MODE" -o "$INSTALL_USER" -g "$INSTALL_GROUP" "$DIR"
         restorecon "$DIR" >/dev/null 2>&1
     fi
 }
@@ -174,7 +175,7 @@ start_daemon () {
     cd "$DAEMON_CWD"
 
     # log file
-    install_dir "$logdir"
+    install_dir "$logdir" "700"
     set "$@" --log-file="$logdir/$daemon.log"
 
     # pidfile and monitoring
diff --git a/utilities/ovs-pki.in b/utilities/ovs-pki.in
index 7a992a5..2d4f370 100755
--- a/utilities/ovs-pki.in
+++ b/utilities/ovs-pki.in
@@ -201,7 +201,7 @@ esac
 
 logdir=$(dirname "$log")
 if test ! -d "$logdir"; then
-    mkdir -p -m755 "$logdir" 2>/dev/null || true
+    mkdir -p -m700 "$logdir" 2>/dev/null || true
     if test ! -d "$logdir"; then
         echo "$0: log directory $logdir does not exist and cannot be created" >&2
         exit 1