Better certificate protection - 600

[Golffies]

Hello,

on macOS, it seems to me that the certificate and private key used by Mumble are saved in a JSON file, located here:

/Users/<whoever>/Library/Preferences/Mumble/Mumble/mumble_settings.json

However, this file and its backup copy located in the same folder are created with 644 rights, and their content can therefore be read by any user:

-rw-r--r--@ 1 youruser  staff   4,6K  7 déc 12:18 /Users/youruser/Library/Preferences/Mumble/Mumble/mumble_settings.json
-rw-r--r--@ 1 youruser  staff   4,6K  7 déc 12:16 /Users/youruser/Library/Preferences/Mumble/Mumble/mumble_settings.json.back

Since the private key is present, it would be better for Mumble to apply more restricted rights to them, such as 600.

-rw-------@ 1 youruser  staff   4,6K  7 déc 12:18 /Users/youruser/Library/Preferences/Mumble/Mumble/mumble_settings.json
-rw-------@ 1 youruser  staff   4,6K  7 déc 12:16 /Users/youruser/Library/Preferences/Mumble/Mumble/mumble_settings.json.back

This becomes a more than academic concern when you consider importing into Mumble a personal certificate signed by an external certification authority and also used to sign and encrypt emails.

Obviously, on macOS, the best practice is to access the certificate and its private key from the Keychain, and not to export it from the Keychain to create a copy to be imported into Mumble. But restricting access rights to the JSON file is already a step towards greater security.

Note that on macOS, when an application is authorised to use the certificate and private key in the Keychain, the user is not asked to enter their session password every time. In the Keychain, the application can be declared as always having the right to access them.

Environment
macOS 14.6.1
Mumble 1.5.634

[Hartmnt]

Interesting. On Linux the same permissions are used, so this could also benefit from a change here.

[theboywholived]

Can I work on this issue - I'm new to OSS and this repo.

[Krzmbrzl]

Absolutely. The relevant part of the code is in https://github.com/mumble-voip/mumble/blob/master/src/mumble/Settings.cpp#L143

[theboywholived]

Sure - I will pick this up? Could you point me to anyway I can replicate this and test this fix once I have written the code?

[Krzmbrzl]

Just run Mumble once and inspect the file permissions of the created settings JSON file (e.g. via ls -al).