RNP-01-003 WP3 Thunderbird: Possible race condition when reading from disk
Categories: MailNews Core :: Security: OpenPGP, defect
Tracking: thunderbird_esr78 fixed, thunderbird88 fixed
People: Reporter: KaiE, Assigned: KaiE
Keywords: sec-low
Attachments (1 file): 48 bytes, text/x-phabricator-request
wsmwk: approval-comm-beta+
wsmwk: approval-comm-esr78+
When processing a PGP-signed email, the signature data is extracted and written to the
filesystem before the RNP library is called; the library then reads the signature data back
from the filesystem. Because of the timing of this write/read sequence and the predictable
file path, a malicious local user could swap out the dumped file for a malicious
signature file (a time-of-check/time-of-use race). During this assessment, however, it was not possible to exploit this in any
meaningful way. The following code excerpt is responsible for writing the
file to disk before calling the RNP library.
Affected File: comm/mail/extensions/openpgp/content/modules/mimeVerify.jsm

Affected Code:

```javascript
onStopRequest() {
  [...]
  if (this.protocol === PGPMIME_PROTO) {
    [...]
    // Signature bytes are dumped to a file with a predictable name in the temp directory.
    this.sigFile = EnigmailFiles.getTempDirObj();
    this.sigFile.append("data.sig");
    this.sigFile.createUnique(this.sigFile.NORMAL_FILE_TYPE, 0x180);
    EnigmailFiles.writeFileContents(this.sigFile, this.sigData, 0x180);
    if (!EnigmailDecryption.isReady(win)) {
      return;
    }
    // Only the path is handed on; the library re-reads the file later.
    let sigFileName = EnigmailFiles.getEscapedFilename(
      EnigmailFiles.getFilePath(this.sigFile)
    );
    let keyserver = EnigmailPrefs.getPref("autoKeyRetrieve");
    let options = {
      keyserver,
      keyserverProxy: EnigmailHttpProxy.getHttpProxy(keyserver),
      fromAddr: EnigmailDecryption.getFromAddr(win),
      mimeSignatureFile: sigFileName,
    };
    const cApi = EnigmailCryptoAPI();
    [...]
    // The signed data itself is passed in memory, the signature only by file name.
    this.returnStatus = cApi.sync(cApi.verifyMime(this.signedData, options));
    [...]
```
It is recommended to avoid using the filesystem in order to pass the signature
information to the library. Instead, the information should be passed via memory, as
done with the signed data itself.
Comment 1•4 years ago

Comment 2•4 years ago

Comment 3•4 years ago
Comment on attachment 9211305 [details]
Bug 1692899 - Don't use a file for passing OpenPGP signature data between modules. r=mkmelin
[Approval Request Comment]
Regression caused by (bug #): no
User impact if declined: none
Testing completed (on c-c, etc.): c-c
Risk to taking this patch (and alternatives if risky): low
Comment 4•4 years ago
Comment on attachment 9211305 [details]
Bug 1692899 - Don't use a file for passing OpenPGP signature data between modules. r=mkmelin
[Triage Comment]
Approved for beta
Comment 5•4 years ago

Comment 6•4 years ago
Comment on attachment 9211305 [details]
Bug 1692899 - Don't use a file for passing OpenPGP signature data between modules. r=mkmelin
approval info: see comment 3.
We can wait for 78.10
Comment 7•4 years ago
Comment on attachment 9211305 [details]
Bug 1692899 - Don't use a file for passing OpenPGP signature data between modules. r=mkmelin
[Triage Comment]
Approved for esr78
Comment 8•4 years ago

Comment 9•4 years ago
I'm drafting security advisories for Thunderbird and need a security rating.
Given this requires a local user and has not been verified as exploitable, I will go with sec-low.
Let me know if you disagree and I'll happily adjust the advisory :)
Comment 10•4 years ago
Thanks Freddy, rating and advisory text sounds good to me!