New issue
Advanced search Search tips

Issue 921308 link

Starred by 1 user
Status: Assigned
Owner:
cfroussios@chromium.org
Cc:
jdoerrie@chromium.org
santhoshkumar@chromium.org
Components:
EstimatedDays: ----
NextAction: ----
OS: Linux
Pri: 2
Type: Bug



Sign in to add a comment

Saved password file should be mode 600 on Linux

Reported by jidanni@gmail.com, Jan 12 
UserAgent: Mozilla/5.0 (X11; Linux i686) AppleWebKit/605.1.15 (KHTML, like Gecko) Version/11.0 Safari/605.1.15 Epiphany/605.1.15

Steps to reproduce the problem:
On Linux exporting passwords creates
  -rw-r--r--   1 30743 12-06 08:57 Chrome Passwords.csv
shouldn't that be
  -rw-------   1 30743 12-06 08:57 Chrome Passwords.csv

What is the expected behavior?
Only the user should be able to read the file, not everybody else on the system.

What went wrong?
Even when saving a email message, all email clients are smart enough to set mode to 600.

Did this work before? No 

Chrome version: 72  Channel: canary
OS Version: 
Flash Version: 

On the other hand you already warned the user when saving the file...
But you could still warn then, but remember to set the mode to 600 too.

Comment 1 Deleted

Comment 2 by phanindra.mandapaka@chromium.org, Jan 12

Labels: Needs-Triage-M72

Comment 3 by santhoshkumar@chromium.org, Jan 18 (4 days ago)

Cc: santhoshkumar@chromium.org
Components: UI>Browser>Passwords
Labels: Triaged-ET
Requesting some one from UI>browser>password to take a look into the issue.

Comment 4 by battre@chromium.org, Jan 18 (4 days ago)

Cc: jdoerrie@chromium.org
Jan, I think you built this piece. Can we influence the fhe file permissions?

Comment 5 by jdoerrie@chromium.org, Jan 18 (4 days ago)

Owner: cfroussios@chromium.org
Status: Assigned (was: Unconfirmed)
This is related to exporting passwords, right? In this case it was not me but Christos who built this [1]. Glancing quickly at the relevant code, it looks like this calls into base::WriteFile, which hard-codes mode 666 [2]. However, there also exists base::SetPosixFilePermissions [3], likely allowing us to change that once the file was created. Assigning to Christos for further investigation.


[1] https://crrev.com/c/782722
[2] https://cs.chromium.org/chromium/src/base/files/file_util_posix.cc?l=836&rcl=09e747504f7caf471e94acc4916864790517e40c
[3] https://cs.chromium.org/chromium/src/base/files/file_util.h?l=231&rcl=09e747504f7caf471e94acc4916864790517e40c

Comment 6 by cfroussios@chromium.org, Jan 18 (4 days ago) 

In  issue 409416 , it was decided that files created by Chrome should follow the users' umask.
I think it is reasonable to be more restrictive about exported passwords (then again, I think this should be the default and not an exception for password manager). I will see about a fix.

In any case, if a user shares the OS with other users, they should investigate whether their umask is appropriate for them.

Comment 7 by jidanni@gmail.com, Jan 20 (3 days ago) 

(Yes, umask 022 is correct. That's why Linux comes with it. (And not
000.) If you feel it is incorrect you can report a bug to Linux.
And/or all users were on permanent lockdown, then there wouldn't be a need
for the permissions systems at all.
Only e.g., mbox operations (and files containing passwords) are usually 077.)

Sign in to add a comment