stores guest data in overly-permissive host paths #6

New issue

Open

opened 2026-04-09 04:29:02 +00:00 by harivansh-afk · 0 comments

harivansh-afk commented 2026-04-09 04:29:02 +00:00

Owner

Copy link

Several host-side paths that can contain guest secrets are created with permissive 0755 directories and 0644 files.

Why this matters:

• CreateMachine clones the writable system disk image using cloneFile, which creates the disk image as 0644 (internal/daemon/create.go:65-79, internal/daemon/files.go:47-90).
• That same writable system image is then modified to include guest identity and, when provided, guest-config.json with login webhook configuration and bearer token data (internal/daemon/files.go:262-295).
• Snapshot directories are also created with 0755, and snapshot files are moved or copied without tightening permissions (internal/daemon/snapshot.go:60-63, internal/daemon/snapshot.go:369-387).
• Artifact and state directories are broadly created as 0755, and JSON/state temp files use 0644 (internal/daemon/daemon.go:60-61, internal/store/file_store.go:385-444).

Impact:

• On a multi-user host, local users can read machine disk images and snapshot material that may contain authorized keys, webhook bearer tokens, guest filesystem data, and guest memory contents.
• This breaks the expected isolation boundary for a host daemon that is managing guest workloads.

Expected behavior:

• Machine disks, snapshots, and state directories and files should default to owner-only permissions unless there is an explicit sharing requirement.

Suggested follow-up:

• Tighten directories to 0700 or 0750 as appropriate.
• Tighten files to 0600 unless they are intentionally public.
• Add tests that stat created paths and enforce the expected modes for system disks, snapshot files, and persisted state.

Several host-side paths that can contain guest secrets are created with permissive `0755` directories and `0644` files. Why this matters: - `CreateMachine` clones the writable system disk image using `cloneFile`, which creates the disk image as `0644` (`internal/daemon/create.go:65-79`, `internal/daemon/files.go:47-90`). - That same writable system image is then modified to include guest identity and, when provided, `guest-config.json` with login webhook configuration and bearer token data (`internal/daemon/files.go:262-295`). - Snapshot directories are also created with `0755`, and snapshot files are moved or copied without tightening permissions (`internal/daemon/snapshot.go:60-63`, `internal/daemon/snapshot.go:369-387`). - Artifact and state directories are broadly created as `0755`, and JSON/state temp files use `0644` (`internal/daemon/daemon.go:60-61`, `internal/store/file_store.go:385-444`). Impact: - On a multi-user host, local users can read machine disk images and snapshot material that may contain authorized keys, webhook bearer tokens, guest filesystem data, and guest memory contents. - This breaks the expected isolation boundary for a host daemon that is managing guest workloads. Expected behavior: - Machine disks, snapshots, and state directories and files should default to owner-only permissions unless there is an explicit sharing requirement. Suggested follow-up: - Tighten directories to `0700` or `0750` as appropriate. - Tighten files to `0600` unless they are intentionally public. - Add tests that stat created paths and enforce the expected modes for system disks, snapshot files, and persisted state.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

main

No results found.

Labels

Clear labels

No items

No labels

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference: getcompanion-ai/computer-host#6

No description provided.