[PXB-2142] Transition key was written to backup / stream - Percona JIRA

XML

Word

Printable

Details

Type: Bug
Status: Done
Priority: Critical
Resolution: Fixed
Affects Version/s: 2.4.11, 8.0.4
Fix Version/s: 2.4.20, 8.0.11
Component/s: None
Labels:
- CVE-2020-10997

Description

Based on the documentation, to save a backup to some cloud provider, we should execute the following command:

xtrabackup --backup --stream=xbstream --target-dir=/tmp | xbcloud \
put [options] <name>

from https://www.percona.com/doc/percona-xtrabackup/LATEST/xbcloud/xbcloud.html

Let's combine this with a custom transition key:

xtrabackup --backup --stream=xbstream --transition-key=foobar > xbstream.output

After taking this backup, look for the transition key in it:

cat xbstream.output | grep -a foobar

And it's there in clear text, written as part of the tool_command in xtrabackup_info. Conveniently at the end of the file, so executing tail instead of grep is also enough.

Meaning that anybody who uses this approach to save an encrypted database on the cloud basically exposes his entire data (and tablespace keys, which will stay the same until he rebuilds all encrypted tables)

Attachments

Issue Links

blocks

PXB-2145 encrypt-key could appear in the process-list

Done

PXC-3117 Transition key was hardcoded

Done

Activity

People

Assignee:: Rahul Malik (Inactive)

Reporter:: Zsolt Parragi

Votes:: 0 Vote for this issue

Watchers:: 7 Start watching this issue

Dates

Created:: 26/Mar/20 9:33 PM

Updated:: 27/Apr/20 9:04 AM

Resolved:: 07/Apr/20 10:51 AM

Time Tracking

Estimated:

1d 5h

Remaining: