From 22b97b7214e71a9f3afb9579acdf56abab29564f Mon Sep 17 00:00:00 2001 From: Bilal Amarni Date: Thu, 12 Jan 2017 11:04:11 +0100 Subject: [PATCH] check permissions on acme.json during startup Follow-up from #639. At the moment people that were affected by this security issue would still be vulnerable even after upgrading. This patch makes sure permissions are also checked for already existing files. Signed-off-by: Bilal Amarni --- acme/localStore.go | 17 ++++++++++++++++- server.go | 4 ++-- 2 files changed, 18 insertions(+), 3 deletions(-) diff --git a/acme/localStore.go b/acme/localStore.go index 536fad509..ac74bc531 100644 --- a/acme/localStore.go +++ b/acme/localStore.go @@ -4,6 +4,7 @@ import ( "encoding/json" "fmt" "io/ioutil" + "os" "sync" "github.com/containous/traefik/cluster" @@ -38,7 +39,21 @@ func (s *LocalStore) Load() (cluster.Object, error) { s.storageLock.Lock() defer s.storageLock.Unlock() account := &Account{} - file, err := ioutil.ReadFile(s.file) + + f, err := os.Open(s.file) + if err != nil { + return nil, err + } + defer f.Close() + fi, err := f.Stat() + if err != nil { + return nil, err + } + if fi.Mode().Perm()&0077 != 0 { + return nil, fmt.Errorf("permissions %o for %s are too open, please use 600", fi.Mode().Perm(), s.file) + } + + file, err := ioutil.ReadAll(f) if err != nil { return nil, err } diff --git a/server.go b/server.go index f98e92d1d..9099e9b74 100644 --- a/server.go +++ b/server.go @@ -499,7 +499,7 @@ func (server *Server) prepareServer(entryPointName string, router *middlewares.H negroni.UseHandler(router) tlsConfig, err := server.createTLSConfig(entryPointName, entryPoint.TLS, router) if err != nil { - log.Errorf("Error creating TLS config %s", err) + log.Errorf("Error creating TLS config: %s", err) return nil, err } @@ -517,7 +517,7 @@ func (server *Server) prepareServer(entryPointName string, router *middlewares.H TLSConfig: tlsConfig, }, tlsConfig) if err != nil { - log.Errorf("Error hijacking server %s", err) + log.Errorf("Error hijacking server: %s", err) return nil, err } return gracefulServer, nil