[Rubygems-developers] [PATCH] RubyGems 0.9.0 Signing Updates

Eric Hodel drbrain at segment7.net
Thu Aug 31 13:42:50 EDT 2006


On Aug 31, 2006, at 12:44 AM, Paul Duncan wrote:

> Hi All,
>
> Attached is a small patch against RubyGems 0.9.0 which adds the
> following:
>
>   * Ensures that the trust directory exists and is a directory
>     before trying to add a certificate to the trust store.
>   * Ensures that permissions on the trust directory and generated
>     certificates and keys are sufficiently restrictive.
>
> On the off-chance that this patch gets mangled in transit, it's also
> available on the web at the following URL:
>
>   http://pablotron.org/files/rubygems-0.9.0-signing_updates.diff
>
> For the security-conscious among you, an OpenPGP signature of the
> aforementioned patch can be found here:
>
>   http://pablotron.org/files/rubygems-0.9.0-signing_updates.diff.asc
>
> It's a relatively small set of changes. That said, questions, comments,
> and unadulterated vitriol are always appreciated. :)
>
> diff -ur rubygems-0.9.0/lib/rubygems/security.rb rubygems-0.9.0- 
> fix_add_cert/lib/rubygems/security.rb
> --- rubygems-0.9.0/lib/rubygems/security.rb	2006-06-06  
> 23:39:54.000000000 -0400
> +++ rubygems-0.9.0-fix_add_cert/lib/rubygems/security.rb	2006-08-31  
> 03:17:32.000000000 -0400
> @@ -342,6 +350,32 @@
>      end
>
>      #
> +    # Make sure the trust directory exists.  If it does exist,  
> make sure
> +    # it's actually a directory.  If not, then create it with the
> +    # appropriate permissions.
> +    #
> +    def self.verify_trust_dir(opt)
> +      # grab path from options
> +      path = opt[:trust_dir]

opt[:trust_dir]

> +
> +      # if the directory exists, then make sure it is in fact a
> +      # directory.  if it doesn't exist, then create it with the
> +      # appropriate permissions
> +      if File.exists?(path)

File.exists? is deprecated, use File.exist.

> +        # verify that the trust directory is actually a directory
> +        unless File.directory?(path)
> +          err = "trust directory #{path} isn't a directory"
> +          raise Gem::Security::Exception, err
> +        end
> +      else
> +        # trust directory doesn't exist, so create it with
> +        # permissions
> +        FileUtils.mkdir_p(path)
> +        FileUtils.chmod(opt[:perms][:trust_dir], path)

and opt[:perms][:trust_dir] are the only things in opt you use here,  
why not make them explicit arguments?

> +      end
> +    end
> +
> +    #
>      # Build a certificate from the given DN and private key.
>      #
>      def self.build_cert(name, key, opt = {})
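
Review bot: In the else branch of verify_trust_dir, FileUtils.mkdir_p(path) creates the directory with the process umask and only the following FileUtils.chmod(opt[:perms][:trust_dir], path) tightens it, so the trust directory briefly exists with default permissions. Passing the mode at creation, FileUtils.mkdir_p(path, :mode => opt[:perms][:trust_dir]), closes that window. The branch where the path already exists checks only File.directory?(path), so a pre-existing trust directory with loose permissions is accepted unchanged; checking or tightening its mode there would match the stated goal of the patch.
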
> @@ -429,8 +469,14 @@
>        # get destination path
>        path = Gem::Security::Policy.trusted_cert_path(cert, opt)
>
> +      # verify trust directory (can't write to nowhere, you know)
> +      verify_trust_dir(opt)
> +
>        # write cert to output file
> -      File.open(path, 'wb') { |file| file.write(cert.to_pem) }
> +      File.open(path, 'wb') do |file|
> +        file.chmod(opt[:perms][:trusted_cert])
> +        file.write(cert.to_pem)
> +      end
>
>        # return nil
>        nil
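
Review bot: File.open(path, 'wb') creates the certificate file with the umask-default mode before file.chmod(opt[:perms][:trusted_cert]) runs inside the block, so a newly created file is briefly more permissive than intended. File.open takes a permission argument for files it creates, so File.open(path, 'wb', opt[:perms][:trusted_cert]) sets the mode at creation; keep the chmod for the case where the file already exists, since the permission argument does not apply then. Also, opt[:perms] is indexed here and in verify_trust_dir without a nil check, and nothing in the visible lines shows defaults being merged into opt, so a caller passing opt without :perms would get a NoMethodError instead of a Gem::Security::Exception.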


-- 
Eric Hodel - drbrain at segment7.net - http://blog.segment7.net
This implementation is HODEL-HASH-9600 compliant

http://trackmap.robotcoop.com



