[TriZPUG] major security issue in celery

Hrivnak, Michael mhrivnak at hrivnak.org
Tue Jul 15 16:08:22 CEST 2014


There is a serious security issue that I reported to celery recently, and I
suspect it affects several people on this list:

https://groups.google.com/forum/#!topic/celery-users/iIqBL-kZCBQ

The summary is that worker processes by default will change their umask to
0. Then if they create new files, those files will be world-writable. If
you use celery, once you verify that your workers have a sane umask, I
suggest running "find . -perm -o+w" anywhere that your app might write data
to make sure none of it is world-writable.

NOTE: the advisory suggests a workaround of specifying "--umask=16" on the
command line. This is still insecure! I notified the maintainer, and he is
going to update the advisory. He intended to write "--umask=18", which is
equivalent to octal 022.

And for anyone who is unfamiliar with how umasks work, suffice it to say,
the sane default is to not change it. Let your process inherit the umask of
the user who started it.

Michael
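As an added illustration, not part of Michael's message or of the celery project's code, the following Python script shows why a decimal umask of 16 (octal 020) still leaves new files world-writable while 18 (octal 022) does not, and reimplements the `find . -perm -o+w` check from the post as a directory walk. The function names and the constructed file names are assumptions made here for the demonstration.

```python
import os
import stat
import tempfile


def created_mode(umask: int) -> int:
    """Create a file under the given umask and return its permission bits.

    The umask is taken as an int, so pass 0o022 or its decimal form 18 (the
    same way celery's --umask option takes a decimal value on the command line).
    """
    old = os.umask(umask)
    try:
        with tempfile.TemporaryDirectory() as d:
            path = os.path.join(d, "out.txt")
            # 0o666 is the usual requested mode for a data file; the kernel
            # clears whichever bits are set in the umask.
            fd = os.open(path, os.O_CREAT | os.O_WRONLY, 0o666)
            os.close(fd)
            return stat.S_IMODE(os.stat(path).st_mode)
    finally:
        os.umask(old)


def is_world_writable(mode: int) -> bool:
    """True when the 'other' write bit is set (what `find -perm -o+w` matches)."""
    return bool(mode & stat.S_IWOTH)


def find_world_writable(root: str) -> list:
    """Walk root and return every file or directory that is world-writable.

    Uses lstat so symlinks are not followed, mirroring `find`'s default.
    """
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        for name in dirnames + filenames:
            p = os.path.join(dirpath, name)
            try:
                st = os.lstat(p)
            except OSError:
                continue
            if is_world_writable(stat.S_IMODE(st.st_mode)):
                hits.append(p)
    return hits


def demo_scan() -> list:
    """Constructed example: one file written under umask 0 (what a default
    celery worker would do), one under umask 0o022. Returns the basenames the
    scan flags, which should be only the umask-0 file."""
    with tempfile.TemporaryDirectory() as d:
        for name, mask in (("leaky.log", 0), ("safe.log", 0o022)):
            old = os.umask(mask)
            try:
                fd = os.open(os.path.join(d, name), os.O_CREAT | os.O_WRONLY, 0o666)
                os.close(fd)
            finally:
                os.umask(old)
        return sorted(os.path.basename(p) for p in find_world_writable(d))


if __name__ == "__main__":
    for mask in (0, 16, 18):
        mode = created_mode(mask)
        print(f"umask {mask:>2} (octal {mask:03o}) -> file mode {mode:04o}, "
              f"world-writable={is_world_writable(mode)}")
    print("flagged by scan:", demo_scan())
```

Running it shows umask 0 yields mode 0666, umask 16 yields 0646 (group write cleared, but others can still write), and only umask 18 yields the familiar 0644. Point `find_world_writable` at any directory your workers write to in order to get the same list that `find . -perm -o+w` would print.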