2023-12-29 14:29:57 |
lujiefsi |
bug |
|
|
added bug |
2023-12-29 15:18:20 |
lujiefsi |
description |
see https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
we frist write a file, then chmod the mode of the file as 644.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
see https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
we frist write a file, then chmod the mode of the file as 644.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
|
2023-12-29 15:29:47 |
lujiefsi |
description |
see https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
we frist write a file, then chmod the mode of the file as 644.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
see https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
|
2023-12-29 15:30:29 |
lujiefsi |
description |
see https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
see https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
|
2023-12-30 01:22:38 |
lujiefsi |
description |
see https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
|
2023-12-30 01:29:00 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
|
2023-12-30 01:31:51 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
|
2023-12-30 13:04:31 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first created and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified.
During this time window, the attacker may gain access to the file and manipulate its contents or execute malicious code, especially if the file is located in a directory that is writable by the attacker. By the time the permissions are changed using chmod, the attacker may have already exploited the file for their malicious purposes.
This type of attack is a result of the temporal gap between the creation of the file and the subsequent permission modification, allowing for potential unauthorized access and manipulation. This highlights the importance of properly securing sensitive files from the moment of creation and throughout their lifecycle to mitigate the risk of such attacks. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
|
2024-01-03 12:19:22 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/container_startup_config.py#L119
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
|
2024-01-03 17:05:54 |
Jeremy Stanley |
bug |
|
|
added subscriber tripleo-coresec |
2024-01-20 11:53:09 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L89
and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
|
2024-01-20 13:21:47 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
and https://github.com/openstack/tripleo-ansible/blob/e281ae7624774d71f22fbb993af967ed1ec08780/tripleo_ansible/ansible_plugins/modules/tripleo_container_configs.py#L86
and https://github.com/openstack/python-tripleoclient/blob/75c5f4057e9acae3caeaa94a8d9adfe844ea706b/tripleoclient/workflows/deployment.py#L42
For example:
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
|
2024-01-20 13:22:07 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
At undercloud-upgrade-ephemeral-heat.py#L89, we frist write a file, then chmod the mode of the file as 600.
with open(db_path, 'w') as out:
subprocess.run([
'sudo', 'podman', 'exec', '-u', 'root',
'mysql', 'mysqldump', 'heat'], stdout=out,
check=True)
os.chmod(db_path, 0o600)
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
|
2024-01-20 14:19:50 |
lujiefsi |
description |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
The vulnerability is at https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L254 and https://github.com/openstack/tripleo-heat-templates/blob/1393d39be367db3acb02508e0e858395a4e4fefa/scripts/undercloud-upgrade-ephemeral-heat.py#L94
At undercloud-upgrade-ephemeral-heat.py#L254, we frist write password into a file, then chmod the mode of the file as 600.
def export_passwords(heat, stack, stack_dir):
passwords_path = os.path.join(
stack_dir, "tripleo-{}-passwords.yaml".format(stack))
LOG.info("Exporting passwords for stack %s to %s"
% (stack, passwords_path))
passwords = plan_utils.generate_passwords(heat=heat, container=stack)
password_params = dict(parameter_defaults=passwords)
with open(passwords_path, 'w') as f:
f.write(yaml.safe_dump(password_params))
os.chmod(passwords_path, 0o600)
When a file is first written and then its permissions are later changed using chmod, there exists a potential security risk known as a time-of-check to time-of-use (TOCTOU) attack. In this type of attack, an attacker exploits the time window between when the file is initially written and when its permissions are modified. During this time window, the attacker may gain access to the file. |
|
2024-01-20 14:19:54 |
lujiefsi |
information type |
Private Security |
Public Security |
|
2024-01-20 14:37:57 |
OpenStack Infra |
tripleo: status |
New |
In Progress |
|