Package: monkeysphere
Version: 0.41-1
Severity: important
Tags: upstream
Dear Maintainer,
`/usr/share/monkeysphere/ma/update_users` deletes the managed authorised_keys
file in the case of error,
even when that error has no possible security impact. The offending code is
here:
```
chown $(whoami) "$tmpAuthorizedKeys" && \
chgrp $(id -g "$uname") "$tmpAuthorizedKeys" && \
chmod g+r "$tmpAuthorizedKeys" && \
mv -f "$tmpAuthorizedKeys" "${authorizedKeysDir}/${uname}" || \
{
log error "Failed to install authorized_keys for '$uname'!"
rm -f "${authorizedKeysDir}/${uname}"
# indicate that there has been a failure:
returnCode=1
}
```
Any error whatsoever in this pipeline will cause `rm -f
"${authorizedKeysDir}/${uname}"` to be invoked,
potentially locking out the affected user. A transient filesystem error can
easily cause all users of a
system to be locked out simultaneously, e.g. if /var fills up. This has
happened to me several times.
Are you sure you want to remove the *live* authorized_keys file in case of
error? Not the temp one? I don't
understand how a failed `mv` in this case could cause a security issue serious
enough to warrant disabling
a login method.
Andrew.
-- System Information:
Debian Release: buster/sid
APT prefers testing
APT policy: (800, 'testing'), (700, 'unstable'), (500, 'stable-updates'),
(500, 'stable'), (500, 'oldstable')
Architecture: amd64 (x86_64)
Kernel: Linux 4.15.0-0.bpo.2-amd64 (SMP w/8 CPU cores)
Locale: LANG=en_IE.UTF-8, LC_CTYPE=en_IE.UTF-8 (charmap=UTF-8),
LANGUAGE=en_IE:en (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
LSM: AppArmor: enabled
Versions of packages monkeysphere depends on:
ii adduser 3.117
ii gnupg 2.2.5-1
ii libcrypt-openssl-rsa-perl 0.28-5+b1
ii libperl5.24 [libdigest-sha-perl] 5.24.1-7
ii libperl5.26 [libdigest-sha-perl] 5.26.2-2
ii lockfile-progs 0.1.17+b1
ii procmail 3.22-26
Versions of packages monkeysphere recommends:
ii agent-transfer 0.41-1
ii cron [cron-daemon] 3.0pl1-130
ii netcat-traditional [netcat] 1.10-41.1
ii openssh-client 1:7.7p1-2
ii ssh-askpass 1:1.2.4.1-10
Versions of packages monkeysphere suggests:
ii msva-perl [monkeysphere-validation-agent] 0.9.2-1
-- Configuration Files:
/etc/monkeysphere/monkeysphere-authentication.conf changed:
AUTHORIZED_USER_IDS="/etc/monkeysphere/authorized_user_ids/%u"
RAW_AUTHORIZED_KEYS='/etc/security/authorized_keys/%u'
/etc/monkeysphere/monkeysphere.conf changed:
KEYSERVER=localhost
-- no debconf information