Dear security members, Recently a security issue¹ was reported against my package dbconfig-common. dbconfig-common is a Debian helper package for packages that require data in a database. The issue is that backups made by dbconfig-common during updates that involve PostgreSQL databases end up in files that may be readable by every user on the system because file permissions are not properly enforced. The umask is set but only after the file is created. The fix is simple, move the lines creating the files and setting the ownership to after the change of the umask (see below the patch for unstable).
Of course I will fix this issue in unstable, but do you consider this a worthy case for a security update in jessie and/or wheezy? If not, do you think I should do this via a stable update? Paul ¹ https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805638 --- /usr/share/dbconfig-common/internal/pgsql.orig 2014-11-02 21:54:07.000000000 +0100 +++ /usr/share/dbconfig-common/internal/pgsql 2015-11-21 13:49:04.863637686 +0100 @@ -174,14 +174,14 @@ local extra retval PGSSLMODE localuser _dbc_asuser dumpfile old_umask dumpfile=$1 localuser=`_dbc_psql_local_username` - touch $dumpfile - chown $localuser $dumpfile PGSSLMODE="prefer" retval=0 _dbc_psql_cmd_setup if [ "$dbc_ssl" ]; then PGSSLMODE="require"; fi old_umask=`umask` umask 0066 + touch $dumpfile + chown $localuser $dumpfile extra=`_dbc_psql_cmd_args` extra="-f \"$dumpfile\" $extra" _dbc_debug "su -s /bin/sh $localuser -c \"env HOME='$_dbc_pgsql_tmpdir' PGPASSFILE='$_dbc_pgsql_tmpdir/.pgpass' PGSSLMODE='$PGSSLMODE' pg_dump $extra $dbc_dbname\" 2>&1"
signature.asc
Description: OpenPGP digital signature
