[sru] wifi password is not obfuscated in /etc/netplan yaml files
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
sosreport (Ubuntu) |
Fix Released
|
Undecided
|
Unassigned | ||
Bionic |
New
|
Undecided
|
Unassigned | ||
Focal |
Fix Released
|
Undecided
|
Unassigned | ||
Jammy |
Fix Released
|
Undecided
|
Unassigned | ||
Lunar |
Fix Released
|
Undecided
|
Unassigned | ||
Mantic |
Fix Released
|
Undecided
|
Unassigned |
Bug Description
[IMPACT]
wifi SSID and password (in cleartext) is not obfuscated from /etc/netplan/
[TEST PLAN]
Manually create /etc/netplan/
~~~
network:
version: 2
wifis:
NM-
renderer: NetworkManager
match:
name: "wlp2s0"
dhcp4: true
dhcp6: true
access-
"My Cool Wireless Network SSID":
auth:
uuid: "9156e614-
name: "My Cool Wireless Network SSID"
networkma
uuid: "9156e614-
name: "My Cool Wireless Network SSID"
~~~
Collect a sosreport and check if the networking plugin obfuscates the password.
[WHERE PROBLEMS COULD OCCUR]
If due to some exception sosreport does not call the postproc() method on the plugin, leaving the password unobfuscated. I have ruled out this situation based on my analysis of the code, so this SRU seems a reasonably safe patch.
summary: |
- [sru] wifi password is not obfuscated in /etc/netplan + [sru] wifi password is not obfuscated in /etc/netplan yaml files |
description: | updated |
description: | updated |
Changed in sosreport (Ubuntu Mantic): | |
status: | New → In Progress |
Changed in sosreport (Ubuntu Bionic): | |
status: | New → In Progress |
Changed in sosreport (Ubuntu Focal): | |
status: | New → In Progress |
Changed in sosreport (Ubuntu Jammy): | |
status: | New → In Progress |
Changed in sosreport (Ubuntu Bionic): | |
status: | In Progress → New |
Changed in sosreport (Ubuntu Lunar): | |
status: | New → In Progress |
This bug was fixed in the package sosreport - 4.5.6-0ubuntu2
---------------
sosreport (4.5.6-0ubuntu2) mantic; urgency=medium
* d/tests/simple.sh:
- Correct typo in test_mask to print ip address
(LP: #2037873)
* d/p/0002- obfuscate- netplan- ssid-password. patch:
- Obfuscate SSID password in netplan/XX.yaml files
(LP: #2037872)
-- Nikhil Kshirsagar <email address hidden> Tue, 03 Oct 2023 05:43:23 +0000