netplan stores wifi-password world-readable
Bug #1832309 reported by
Rolf Leggewie
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
netcfg (Ubuntu) |
Confirmed
|
Medium
|
Unassigned | ||
Eoan |
Won't Fix
|
Medium
|
Unassigned | ||
netplan.io (Ubuntu) |
Won't Fix
|
High
|
Unassigned | ||
Eoan |
Won't Fix
|
High
|
Unassigned |
Bug Description
-rw-r--r-- 1 root root 293 Apr 11 2018 /etc/netplan/
above file stores the wifi password in plain text!
information type: | Private Security → Public |
tags: | added: community-security |
information type: | Public → Public Security |
affects: | plan (Ubuntu) → netplan.io (Ubuntu) |
Changed in netplan.io (Ubuntu): | |
importance: | Undecided → High |
tags: | added: rls-ee-incoming |
Changed in netplan.io (Ubuntu Eoan): | |
status: | New → Confirmed |
tags: |
added: eoan removed: rls-ee-incoming |
tags: | added: id-5d14ed4981f5ba74a04b0aa9 |
Changed in netplan.io (Ubuntu Eoan): | |
assignee: | nobody → Łukasz Zemczak (sil2100) |
status: | Confirmed → In Progress |
Changed in netplan.io (Ubuntu Eoan): | |
status: | In Progress → Won't Fix |
Changed in netcfg (Ubuntu Eoan): | |
importance: | Undecided → Medium |
Changed in netplan.io (Ubuntu Eoan): | |
assignee: | Łukasz Zemczak (sil2100) → nobody |
Changed in netcfg (Ubuntu Eoan): | |
status: | New → Confirmed |
Changed in netplan.io (Ubuntu): | |
status: | In Progress → Won't Fix |
assignee: | Łukasz Zemczak (sil2100) → nobody |
To post a comment you must log in.
The /etc/netplan/ 01-netcfg. yaml file is generated by netcfg and is unrelated to netplan.io itself (as netplan only comes into play when parsing the file). This means that we essentially need to modify netcfg, and possibly all other installers that generate netplan configs (subiquity?), to not write the passphrase into a world-readable file. As per Steve's input, I guess the best way would be do split the config into two parts - one 'world-readable' with info that everyone should have access to and one with secrets.