Security/high priority fixes #21

Open
EnesSenyurt wants to merge 2 commits into ibrahimkizilarslan:main from EnesSenyurt:security/high-priority-fixes

EnesSenyurt commented Jun 10, 2026

What does this PR do?

State directory and log files were created with overly permissive modes (0755/0640), allowing other local users to read engine state (PID, config paths, scenario details) and log files (target names, IPs, fault patterns). This PR restricts all .entropy/ paths to user-only access, consistent with the registry store which already used 0o700.

Why is this change needed?

On multi-user systems (shared CI runners, developer VMs), world-readable state and group-readable logs expose chaos scenario details to unprivileged local users. This creates an information disclosure path that could be used to infer running fault injections or target topology.

How has this been tested?

  • Added/Updated unit tests — existing TestStateManager_WriteAndRead validates 0600 on Linux; added runtime.GOOS guard so the test also passes on Windows (NTFS does not enforce Unix permission bits)
  • Tested locally against the demo-distributed microservices
  • go vet ./... passes

Checklist

  • My code follows the style guidelines of this project
  • I have performed a self-review of my own code
  • I have commented my code, particularly in hard-to-understand areas
  • I have made corresponding changes to the documentation

Changes

| File | Change |
| --- | --- |
| pkg/utils/state.go:58 | EnsureDir() 0755 → 0700 |
| pkg/utils/logger.go:31 | log parent dir — 0755 → 0700 |
| pkg/utils/logger.go:36 | log file — 0640 → 0600 |
| pkg/cli/chaos.go:59 | daemon log file — 0640 → 0600 |
| pkg/utils/state_test.go | skip permission assertion on Windows |

EnesSenyurt and others added 2 commits June 10, 2026 16:16
State directory and log files previously used 0755/0640, exposing PID,
config paths, fault patterns, and target identifiers to other local
users. Switched to 0700/0600 to match the registry store's posture
(pkg/registry/store.go already uses 0o700).

Co-Authored-By: Claude Opus 4.7 <noreply@anthropic.com>

Windows does not enforce Unix-style permission bits; Mode().Perm()
always returns 0666 for writable files regardless of the mode passed
to os.WriteFile. Guard the 0600 assertion with runtime.GOOS check
so the test passes on both platforms.

Co-Authored-By: Claude Sonnet 4.6 <noreply@anthropic.com>
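
An added example, not code from this PR or the project: the mode passed to os.MkdirAll and os.OpenFile only applies when the path is created, so a `.entropy/` directory or log file left over from a 0755/0640 install keeps its old bits unless it is explicitly re-tightened. The helper names, the `engine.log` file name and the temp path are hypothetical.

```go
package main

import (
	"fmt"
	"os"
	"path/filepath"
	"runtime"
)

// ensurePrivateDir (hypothetical helper) creates dir as 0700 and re-tightens a
// directory that already exists: os.MkdirAll leaves an existing mode untouched.
func ensurePrivateDir(dir string) error {
	if err := os.MkdirAll(dir, 0o700); err != nil {
		return err
	}
	return os.Chmod(dir, 0o700)
}

// openPrivateLog (hypothetical helper) opens an append-only log as 0600; an
// older 0640 file is tightened through the open handle, not by path.
func openPrivateLog(path string) (*os.File, error) {
	f, err := os.OpenFile(path, os.O_CREATE|os.O_APPEND|os.O_WRONLY, 0o600)
	if err != nil {
		return nil, err
	}
	if err := f.Chmod(0o600); err != nil {
		f.Close()
		return nil, err
	}
	return f, nil
}

// exposed reports whether group/other bits are set; Windows does not enforce them.
func exposed(path string) (bool, error) {
	info, err := os.Stat(path)
	if err != nil || runtime.GOOS == "windows" {
		return false, err
	}
	return info.Mode().Perm()&0o077 != 0, nil
}

func main() {
	dir := filepath.Join(os.TempDir(), "entropy-demo", ".entropy") // constructed path
	_ = os.MkdirAll(dir, 0o755)                                    // simulate a pre-fix install
	_ = os.Chmod(dir, 0o755)
	before, _ := exposed(dir)
	err := ensurePrivateDir(dir)
	after, _ := exposed(dir)
	fmt.Println("exposed before:", before, "after:", after, "err:", err)
}
```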