diff options
-rw-r--r-- | TODO | 6 | ||||
-rw-r--r-- | src/cryptsetup/cryptsetup.c | 18 |
2 files changed, 15 insertions, 9 deletions
@@ -158,8 +158,6 @@ Features: * use "log level" rather than "log priority" everywhere -* ensure sd_journal_seek_monotonic actually works properly. - * timedate: have global on/off switches for auto-time (NTP), and auto-timezone that connman can subscribe to. * Honour "-" prefix for InaccessibleDirectories= and ReadOnlyDirectories= to @@ -366,10 +364,10 @@ Features: - nspawn: make it work for dwalsh and shared /usr containers -- tmpfs mounts as command line parameters, selinux exec context * cryptsetup: - - cryptsetup-generator: warn if the password files are world-readable - cryptsetup-generator: allow specification of passwords in crypttab itself - move cryptsetup key caching into kernel keyctl? https://bugs.freedesktop.org/show_bug.cgi?id=54982 + - support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator * move debug shell to tty6 and make sure this doesn't break the gettys on tty6 @@ -440,8 +438,6 @@ Features: * change Requires=basic.target to RequisiteOverride=basic.target -* support rd.luks.allow-discards= kernel cmdline params in cryptsetup generator - * when breaking cycles drop sysv services first, then services from /run, then from /etc, then from /usr * move passno parsing to fstab generator diff --git a/src/cryptsetup/cryptsetup.c b/src/cryptsetup/cryptsetup.c index a24e61a035..347394db8e 100644 --- a/src/cryptsetup/cryptsetup.c +++ b/src/cryptsetup/cryptsetup.c @@ -497,15 +497,25 @@ int main(int argc, char *argv[]) { crypt_get_volume_key_size(cd)*8, argv[3]); - if (key_file) - k = crypt_activate_by_keyfile_offset(cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_keyfile_size, - opt_keyfile_offset, flags); + if (key_file) { + struct stat st; + + /* Ideally we'd do this on the open + * fd, but since this is just a + * warning it's OK to do this in two + * steps */ + if (stat(key_file, &st) >= 0 && (st.st_mode & 0005)) + log_warning("Key file %s is world-readable. That's certainly not a good idea.", key_file); + + k = crypt_activate_by_keyfile_offset( + cd, argv[2], CRYPT_ANY_SLOT, key_file, opt_keyfile_size, + opt_keyfile_offset, flags); if (k < 0) { log_error("Failed to activate with key file '%s': %s", key_file, strerror(-k)); key_file = NULL; continue; } - else { + } else { char **p; STRV_FOREACH(p, passwords) { |