| author | Jakob Unterwurzacher | 2019-03-30 20:06:40 +0100 | 
|---|---|---|
| committer | Jakob Unterwurzacher | 2019-03-30 20:06:40 +0100 | 
| commit | ec17445b996e7a2dc3b753963ea329881430e27b (patch) | |
| tree | 964ace7e3b1646506905d978da5407f108ecf5f2 | |
| parent | a4f461a305381ec04062b814dc2f73cadaac2f50 (diff) | |
forward mode: create gocryptfs.diriv files with 0440 permissions
Makes it easier to share an encrypted folder via a network drive.
https://github.com/rfjakob/gocryptfs/issues/387
| -rw-r--r-- | README.md | 5 | ||||
| -rw-r--r-- | internal/nametransform/diriv.go | 10 | ||||
| -rw-r--r-- | tests/cli/cli_test.go | 20 | 
3 files changed, 34 insertions, 1 deletions
|
@@ -166,6 +166,11 @@ Changelog
 vNEXT, in progress
 * Support wild cards in reverse mode via `--exclude-wildcard`
   ([#367](https://github.com/rfjakob/gocryptfs/pull/367)). Thanks @ekalin!
+* Create `gocryptfs.diriv` files with 0440 permissions to make it easier to
+  share an encrypted folder via a network drive
+  ([#387](https://github.com/rfjakob/gocryptfs/issues/387)).
+  Note: as a security precaution, the owner must still manually 
+  `chmod gocryptfs.conf 0440` to allow mounting.
 v1.7, 2019-03-17
 * **Fix possible symlink race attacks in forward mode** when using allow_other + plaintextnames
diff --git a/internal/nametransform/diriv.go b/internal/nametransform/diriv.go
index da33aee..c216dd0 100644
--- a/internal/nametransform/diriv.go
+++ b/internal/nametransform/diriv.go
@@ -61,11 +61,19 @@ func fdReadDirIV(fd *os.File) (iv []byte, err error) {
 // This function is exported because it is used from fusefrontend, main,
 // and also the automated tests.
 func WriteDirIVAt(dirfd int) error {
+	// It makes sense to have the diriv files group-readable so the FS can
+	// be mounted from several users from a network drive (see
+	// https://github.com/rfjakob/gocryptfs/issues/387 ).
+	//
+	// Note that gocryptfs.conf is still created with 0400 permissions so the
+	// owner must explicitely chmod it to permit access.
+	const dirivPerms = 0440
+
 	iv := cryptocore.RandBytes(DirIVLen)
 	// 0400 permissions: gocryptfs.diriv should never be modified after creation.
 	// Don't use "ioutil.WriteFile", it causes trouble on NFS:
 	// https://github.com/rfjakob/gocryptfs/commit/7d38f80a78644c8ec4900cc990bfb894387112ed
-	fd, err := syscallcompat.Openat(dirfd, DirIVFilename, os.O_WRONLY|os.O_CREATE|os.O_EXCL, 0400)
+	fd, err := syscallcompat.Openat(dirfd, DirIVFilename, os.O_WRONLY|os.O_CREATE|os.O_EXCL, dirivPerms)
 	if err != nil {
 		tlog.Warn.Printf("WriteDirIV: Openat: %v", err)
 		return err 
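Review bot: The retained context comment `// 0400 permissions: gocryptfs.diriv should never be modified after creation.` now contradicts the mode passed to `Openat`, which is `dirivPerms` (0440). Reword it, for example `// No write bits (see dirivPerms): gocryptfs.diriv should never be modified after creation.` The mode given to a creating open is still filtered by the process umask, so under a umask such as 077 the group-read bit would be cleared and the file would end up 0400. Whether gocryptfs resets the umask before this call is not visible in the hunk, so confirm that or follow the create with an explicit fchmod. The new comment also misspells "explicitly", and `WriteDirIVAt` continues past the end of the hunk.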
diff --git a/tests/cli/cli_test.go b/tests/cli/cli_test.go
index 48ce303..438ba16 100644
--- a/tests/cli/cli_test.go
+++ b/tests/cli/cli_test.go
@@ -43,6 +43,26 @@ func TestInit(t *testing.T) {
 	}
 }
+// Test that gocryptfs.conf and gocryptfs.diriv are there with the expected
+// permissions after -init
+func TestInitFilePerms(t *testing.T) {
+	dir := test_helpers.InitFS(t)
+	var st syscall.Stat_t
+	syscall.Stat(dir+"/gocryptfs.conf", &st)
+	perms := st.Mode & 0777
+	if perms != 0400 {
+		t.Errorf("Wrong permissions for gocryptfs.conf: %#o", perms)
+	}
+	st = syscall.Stat_t{}
+	syscall.Stat(dir+"/gocryptfs.diriv", &st)
+	perms = st.Mode & 0777
+	// From v1.7.1, these are created with 0440 permissions, see
+	// https://github.com/rfjakob/gocryptfs/issues/387
+	if perms != 0440 {
+		t.Errorf("Wrong permissions for gocryptfs.diriv: %#o", perms)
+	}
+}
+
 // Test -init with -devrandom flag
 func TestInitDevRandom(t *testing.T) {
 	test_helpers.InitFS(t, "-devrandom")
|
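Review bot: Both `syscall.Stat` calls in `TestInitFilePerms` discard their error, so a missing `gocryptfs.conf` or `gocryptfs.diriv` leaves `st` zeroed and the test reports "Wrong permissions ... 0" instead of the real failure. That falls short of the test's own comment, which says it checks that the files are there. Check the result, e.g. `if err := syscall.Stat(dir+"/gocryptfs.conf", &st); err != nil { t.Fatal(err) }`, and do the same for the diriv file. The exact comparison against 0440 presumably also depends on the umask under which the test and the spawned gocryptfs run, which the hunk does not pin, so the assertion may fail on a host with a restrictive umask.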
