[systemd-devel] [PATCH] cryptsetup: ask for password, if key file cannot be accessed

Lennart Poettering lennart at poettering.net
Wed Apr 17 13:25:42 PDT 2013


On Thu, 11.04.13 13:08, harald at redhat.com (harald at redhat.com) wrote:

> From: Harald Hoyer <harald at redhat.com>
> 
> If the key file cannot be accessed, we can at least ask for the
> password.

I like the general idea, but not the patch.

This code is racy. We shouldn't even start with things like this. We
should try to open the file, and if that fails fall back to a prompt, but
not in two steps where we check first, and open then. The race might not
result in any security issues in the general case, but it's still
dirty. And we try to avoid dirty in systemd.

> +                        /* We can't access the key_file, so ask for the password */
> +                        if (access(key_file, R_OK)) {
> +                                log_error("Can't access key file '%s': %m", key_file);
> +                                key_file = NULL;
> +                        }
> +
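
Review bot: the access(key_file, R_OK) test at the top of this hunk is a check separate from the later open of key_file, so the file can disappear or change between the two and the open then fails without the prompt fallback this patch is meant to provide. access() also evaluates permissions against the real UID rather than the effective one, so its answer can differ from what the open itself gets. Suggest dropping the pre-check and setting key_file = NULL in the error path of the actual open/read instead. Since this path recovers by prompting, a warning-level message would fit better than log_error.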

Lennart

-- 
Lennart Poettering - Red Hat, Inc.
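
The single-step approach described in the reply above, as an added example that is not part of the original post and is not systemd's code. `pick_key_source()` and `enum key_source` are hypothetical names; rejecting only directories (so that device nodes still work as key files) is an assumption of this sketch.

```c
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

#ifndef O_CLOEXEC
#define O_CLOEXEC 0 /* not exposed under strict -std= modes */
#endif

/* Hypothetical names for this example; not systemd's own code. */
enum key_source { KEY_FROM_FILE, KEY_FROM_PROMPT };

/* Open the key file in one step. On KEY_FROM_FILE, *ret_fd is an open
 * descriptor the caller reads the key from and then closes. */
static enum key_source pick_key_source(const char *key_file, int *ret_fd) {
        struct stat st;
        int fd;
        *ret_fd = -1;
        if (!key_file)
                return KEY_FROM_PROMPT;

        /* No access() beforehand: the open itself is the check. */
        fd = open(key_file, O_RDONLY | O_CLOEXEC | O_NOCTTY);
        if (fd < 0) {
                fprintf(stderr, "Can't open key file '%s': %s; asking for password.\n",
                        key_file, strerror(errno));
                return KEY_FROM_PROMPT;
        }

        /* Inspect the object that was opened, never the path again. */
        if (fstat(fd, &st) < 0 || S_ISDIR(st.st_mode)) {
                close(fd);
                return KEY_FROM_PROMPT;
        }

        *ret_fd = fd;
        return KEY_FROM_FILE;
}

int main(int argc, char *argv[]) {
        int fd;
        enum key_source src = pick_key_source(argc > 1 ? argv[1] : NULL, &fd);
        puts(src == KEY_FROM_FILE ? "key file" : "password prompt");
        if (fd >= 0)
                close(fd);
        return 0;
}
```

Because the caller reads the key from the returned descriptor, nothing that happens to the path after the `open()` can change which file is used.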

