Unprivileged user can control services
Bug #1864201 reported by
Adam Collard
This bug affects 1 person
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| MAAS |
Fix Released
|
Critical
|
Alberto Donato | ||
| 2.7 |
Fix Released
|
Critical
|
Alberto Donato | ||
Bug Description
With a snap installed maas, supervisor is used to manage service lifecycle of various services that compose MAAS (regiond, rackd, dhcpd etc.)
In 2.7.0, and master, the supervisord is configured with a very guessable hard-coded username and password (which matches the username) listening on TCP 127.0.0.1:9001
Thus, any unprivileged user on the machine who can talk HTTP to the loopback interface can DOS the MAAS (start, stop, restart services).
https:/
Related branches
~ack/maas:1864201-supervisord-unix-socket-2.7
- Alberto Donato (community): Approve
- MAAS Lander: Pending (unittests) requested
-
Diff: 48 lines (+8/-9)1 file modifiedsnap/local/tree/usr/share/maas/supervisord.conf.template (+8/-9)
~ack/maas:1864201-supervisord-unix-socket
- Adam Collard (community): Approve
- MAAS Lander: Pending (unittests) requested
-
Diff: 48 lines (+8/-9)1 file modifiedsnap/local/tree/usr/share/maas/supervisord.conf.template (+8/-9)
| Changed in maas: | |
| assignee: | nobody → Alberto Donato (ack) |
| Changed in maas: | |
| status: | New → In Progress |
| Changed in maas: | |
| milestone: | none → next |
| status: | In Progress → Fix Committed |
| Changed in maas: | |
| milestone: | next → 2.8.0b1 |
| information type: | Private Security → Public |
| information type: | Public → Public Security |
| Changed in maas: | |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
