[JENKINS-73305] Create .ssh directory with owner only permissions

When the JGit implementation needs to create a `.ssh` directory, create it with permissions only allowing access to the directory owner. That is the common pattern used by the OpenSSH project and by POSIX systems to reduce access to the sensitive information stored in the directory. Testing done Ran the CredentialsTest in a debugger with a configured 'auth-data` directory and confirmed that the modified lines are executed on my RHEL 8 development computer. Confirmed that the resulting directory permissions were read, write, and execute for only the owner, with no other permissions.
jenkinsci · Jun 15, 2024 · d518e26 · d518e26
1 parent f988d25
commit d518e26
Showing 1 changed file with 24 additions and 4 deletions.
diff --git a/src/main/java/org/jenkinsci/plugins/gitclient/JGitAPIImpl.java b/src/main/java/org/jenkinsci/plugins/gitclient/JGitAPIImpl.java
@@ -42,6 +42,9 @@
 import java.nio.file.Files;
 import java.nio.file.Path;
 import java.nio.file.Paths;
+import java.nio.file.attribute.FileAttribute;
+import java.nio.file.attribute.PosixFilePermission;
+import java.nio.file.attribute.PosixFilePermissions;
 import java.security.GeneralSecurityException;
 import java.util.ArrayList;
 import java.util.Arrays;
@@ -201,10 +204,22 @@ public class JGitAPIImpl extends LegacyCompatibleGitAPIImpl {
     public SshdSessionFactory buildSshdSessionFactory(@NonNull final HostKeyVerifierFactory hostKeyVerifierFactory) {
         if (Files.notExists(hostKeyVerifierFactory.getKnownHostsFile().toPath())) {
             try {
-                Files.createDirectories(hostKeyVerifierFactory
-                        .getKnownHostsFile()
-                        .getParentFile()
-                        .toPath());
+                if (isWindows()) {
+                    Files.createDirectories(hostKeyVerifierFactory
+                            .getKnownHostsFile()
+                            .getParentFile()
+                            .toPath());
+                } else {
+                    Set<PosixFilePermission> ownerOnly = PosixFilePermissions.fromString("rwx------");
+                    FileAttribute<Set<PosixFilePermission>> fileAttribute =
+                            PosixFilePermissions.asFileAttribute(ownerOnly);
+                    Files.createDirectories(
+                            hostKeyVerifierFactory
+                                    .getKnownHostsFile()
+                                    .getParentFile()
+                                    .toPath(),
+                            fileAttribute);
+                }
                 Files.createFile(hostKeyVerifierFactory.getKnownHostsFile().toPath());
             } catch (IOException e) {
                 LOGGER.log(Level.SEVERE, "could not create known hosts file", e);
@@ -3231,4 +3246,9 @@ public void close() {
             }
         }
     }
+
+    /** inline ${@link hudson.Functions#isWindows()} to prevent a transient remote classloader issue */
+    private static boolean isWindows() {
+        return File.pathSeparatorChar == ';';
+    }
 }