StarlingX

Updating Platform Certificates leaves Root_CA/ICA private key in unencrypted form

Bug #2008250 reported by Marcelo de Castro Loebens
256
This bug affects 1 person
Affects Status Importance Assigned to Milestone
StarlingX
Fix Released
Low
Marcelo de Castro Loebens

Bug Description

Brief Description
-----------------
The playbook that migrates certificates to cert-manager leaves a temporary file with specs for the certificate issuer. This file contain sensitive data about the issuer, should be handled with care and deleted when it isn't required anymore.

Severity
--------
Minor.

Steps to Reproduce
------------------
- Follow the steps in https://docs.starlingx.io/security/kubernetes/migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d.html.
- List the files inside '/tmp' folder. Observe that the playbook created the file 'platform_certificates.yaml' and it doesn't remove it.

Expected Behavior
------------------
After the execution of the playbook, the file should be deleted.

Actual Behavior
----------------
File is created and readable by any logged user.

Reproducibility
---------------
100%.

System Configuration
--------------------
Simplex.

Branch/Pull Time/Commit
-----------------------
Master.

Last Pass
---------
NA.

Timestamp/Logs
--------------
NA

Test Activity
-------------
Developer Testing

Workaround
----------
Remove the file manually.

See original description
Marcelo de Castro Loebens (mdecastr)
Changed in starlingx:
assignee: nobody → Marcelo de Castro Loebens (mdecastr)
information type: Public → Public Security
Changed in starlingx:
status: New → In Progress
Ghada Khalil (gkhalil)
Changed in starlingx:
importance: Undecided → Low
tags: added: stx.security
tags: added: stx.9.0
Revision history for this message
Ghada Khalil (gkhalil) wrote :

Review: https://review.opendev.org/c/starlingx/ansible-playbooks/+/874801

Revision history for this message
OpenStack Infra (hudson-openstack) wrote : Fix merged to ansible-playbooks (master)

Reviewed: https://review.opendev.org/c/starlingx/ansible-playbooks/+/874801
Committed: https://opendev.org/starlingx/ansible-playbooks/commit/048ef49135e6d37661d93aa2cefc8f727422e084
Submitter: "Zuul (22348)"
Branch: master

commit 048ef49135e6d37661d93aa2cefc8f727422e084
Author: Marcelo de Castro Loebens <email address hidden>
Date: Wed Feb 22 15:01:31 2023 -0400

    Delete certs spec file after migration playbook

    In migrate-platform-certificates-to-certmanager playbook, a file is
    created to store certificate spec before applying it to cert-manager.
    This file has sensible data, and should not be maintained in the
    system after the usage.

    File ownership will be 'root' and permissions '0640' to limit access
    while it is still in the system. File will be removed after usage in
    the playbook.

    Test Plan:
    PASS: Follow the steps in
          https://docs.starlingx.io/security/kubernetes/migrate-platform-certificates-to-use-cert-manager-c0b1727e4e5d.html
          to execute the cert manager migration playbook.
          Wait for the playbook to finish.
          List the files for the folder '/tmp'.
          Verify that the file 'platform_certificates.yaml' is absent.

    Closes-Bug: 2008250

    Signed-off-by: Marcelo de Castro Loebens <email address hidden>
    Change-Id: I899bf6920fe2e50079fd1dafc922bae22da47b6c

Changed in starlingx:
status: In Progress → Fix Released
Ghada Khalil (gkhalil)
description: updated
To post a comment you must log in.
This report contains Public Security information  
Everyone can see this security related information.
Subscribing...

Other bug subscribers

Remote bug watches

Bug watches keep track of this bug in other bug trackers.