Bug #17135

Don't store the admin password in cleartext

Added by segfault 2019-10-08 15:20:16. Updated 2020-05-06 04:28:57.

Status: In Progress
Priority: Normal
Assignee: segfault
Category:
Target version:
Start date:
Due date:
% Done: 0%
Feature Branch: bugfix/17135-store-admin-pw-hashed
Type of work: Code
Blueprint:
Starter:
Affected tool:
Deliverable for:

Description

The Greeter currently stores the user-chosen admin password unhashed in /var/lib/gdm3/tails.password. In /etc/gdm3/PostLogin/Default, the password is then set via chpasswd and /var/lib/gdm3/tails.password is removed.

IMO, passwords should never be stored in cleartext. Instead, we should store them hashed and use chpasswd -e to set them.

This will also make it easier to persist the password, as part of persisting the Greeter options, which I plan to work on.


History

#1 Updated by segfault 2019-10-08 15:34:30

  • Description updated

#2 Updated by segfault 2019-10-08 15:36:14

Using chpasswd -e does not seem to be a good idea, because then chpasswd won’t use PAM to generate the password.

#3 Updated by segfault 2019-10-08 16:31:29

segfault wrote:
> Using chpasswd -e does not seem to be a good idea, because then chpasswd won’t use PAM to generate the password.

PAM uses the hash algorithm configured in /etc/login.defs, which is SHA512. So it should be fine if we generate the password with mkpasswd --method=sha512crypt and then set it via chpasswd -e. mkpasswd also takes care of generating a salt.
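An added sketch of the flow discussed in comments #2 and #3 (not code from the Tails Greeter or from the feature branch): hash with mkpasswd, then refuse to hand anything to chpasswd -e unless it is a single well-formed sha512crypt string and the login.defs-style file passed in says SHA512. The function names and the sample hash are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added illustration; function names are hypothetical, not Tails code.

# Hash a password read from stdin; mkpasswd generates the salt itself.
hash_password() { mkpasswd --method=sha512crypt --stdin; }

# True only for a single line shaped like $6$[rounds=N$]salt$hash, so a
# cleartext value can never reach chpasswd -e by mistake.
is_sha512crypt() {
    # chpasswd input is line based: an embedded newline could smuggle in
    # a second "user:hash" record, so reject it before pattern matching.
    case $1 in *'
'*) return 1 ;; esac
    printf '%s\n' "$1" | grep -Eq \
        '^\$6\$(rounds=[0-9]+\$)?[./0-9A-Za-z]{1,16}\$[./0-9A-Za-z]{86}$'
}

# Print the ENCRYPT_METHOD value from a login.defs-style file ($1).
# Commented-out settings are ignored because field 1 would start with '#'.
login_defs_method() {
    awk '$1 == "ENCRYPT_METHOD" { m = $2 } END { print m }' "$1"
}

# Emit the "user:hash" line that chpasswd -e expects, or fail silently.
# $1 = user name, $2 = stored hash, $3 = path to a login.defs-style file
chpasswd_line() {
    [ "$(login_defs_method "$3")" = "SHA512" ] || return 1
    is_sha512crypt "$2" || return 1
    case $1 in ''|*[!a-z0-9_-]*) return 1 ;; esac
    printf '%s:%s\n' "$1" "$2"
}

# Intended use as root (not executed here):
#   line=$(chpasswd_line "$user" "$stored_hash" /etc/login.defs) &&
#       printf '%s\n' "$line" | chpasswd -e

# Constructed sample, not a real credential: fixed salt, 86 zero characters.
SAMPLE_HASH="\$6\$constructedsalt0\$$(printf '%086d' 0)"
is_sha512crypt "$SAMPLE_HASH" && echo "sample hash accepted"
is_sha512crypt 'cleartext-password' || echo "cleartext rejected"
```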

#4 Updated by segfault 2019-10-08 16:44:17

  • Status changed from Confirmed to In Progress

Applied in changeset commit:tails|71b72ab2eda52fb35ab71c00d0578086a61a2bee.

#5 Updated by intrigeri 2019-10-09 19:50:50

4.0 is now frozen but if the changes are not invasive, given we have good test coverage for this IIRC, I’m open to making a freeze exception for it.

#6 Updated by intrigeri 2019-10-21 11:46:18

  • Target version changed from Tails_4.0 to Tails_4.1

#7 Updated by segfault 2019-12-03 09:44:03

  • Target version changed from Tails_4.1 to Tails_4.2
  • Feature Branch set to bugfix/17135-store-admin-pw-hashed

#8 Updated by CyrilBrulebois 2020-01-07 18:00:42

  • Target version changed from Tails_4.2 to Tails_4.3

#9 Updated by anonym 2020-02-11 15:26:12

  • Target version changed from Tails_4.3 to Tails_4.4

#10 Updated by CyrilBrulebois 2020-03-12 09:55:59

  • Target version changed from Tails_4.4 to Tails_4.5

#11 Updated by CyrilBrulebois 2020-04-07 17:05:17

  • Target version changed from Tails_4.5 to Tails_4.6

#12 Updated by CyrilBrulebois 2020-05-06 04:28:57

  • Target version changed from Tails_4.6 to Tails_4.7