Mirror/pmbootstrap
1
0
Fork 1
mirror of https://gitlab.postmarketos.org/postmarketOS/pmbootstrap.git synced 2025-07-13 03:19:47 +03:00
Code Issues Wiki Activity

pmb.install.format: use mkstemp

Browse source 
mktemp() is, according to the Python docs, not secure and probably
shouldn't be used for something sensitive like a password. This should
also make the opeartion atomic and prevent TOCTOU race conditions.

Co-Developed-by: Stefan Hansson <newbyte@postmarketos.org>
This commit is contained in:
Clayton Craft 2025-06-10 16:00:18 -07:00 committed by Stefan Hansson
parent ed396475f5
commit b917095547
No known key found for this signature in database
GPG key ID: ACD854892B38D898
1 changed files with 3 additions and 3 deletions
Download patch file Download diff file Expand all files Collapse all files

6
pmb/install/format.py
View file

@ -71,10 +71,10 @@ def format_luks_root(args: PmbArgs, device: str) -> None:
fde_key = os.environ.get("PMB_FDE_PASSWORD", None) fde_key = os.environ.get("PMB_FDE_PASSWORD", None)
if fde_key: if fde_key:
# Write passphrase to a temp file, to avoid printing it in any log # Write passphrase to a temp file, to avoid printing it in any log
path = tempfile.mktemp(dir="/tmp") fd, path = tempfile.mkstemp(dir=Chroot.native().path, text=True)
path_outside = Chroot.native() / path with os.fdopen(fd) as handle:
with open(path_outside, "w", encoding="utf-8") as handle:
handle.write(f"{fde_key}") handle.write(f"{fde_key}")
os.close(fd)
format_cmd += [str(path)] format_cmd += [str(path)]
open_cmd += ["--key-file", str(path)] open_cmd += ["--key-file", str(path)]