RFR: 8313367: SunMSCAPI cannot read Local Computer certs w/o Windows elevation
Mat Carter
macarte at openjdk.org
Tue Dec 19 17:38:50 UTC 2023
On Thu, 16 Nov 2023 12:06:26 GMT, rebarbora-mckvak <duke at openjdk.org> wrote:
> This fixes the defect described at https://bugs.openjdk.org/browse/JDK-8313367
>
> If the process does not have write permissions, the store is opened as read-only (instead of failing).
>
> Please note that permissions to use a certificate in a local machine store must be granted - in a management console, select a certificate, right-click -> All tasks... -> Manage Private Keys... -> add Full control to user.
Apologies I wasn't aware of the JBS issue until I saw this github notification.
At a glance the fix seems trivial, but I'll need to test it. We were planning on looking at supporting the ability to open a keystore with READONLY access and I emailed security-dev to this effect in May
Considering this change, I'd suggest that when the store is opened with read-only permissions that some warning is output (if this can't be detected then we may have to attempt to open with write-priviledges and the fall back to read-only (CERT_STORE_READONLY_FLAG).
@rebarbora-mckvak - what testing was done with an elevated user opening a keystore with (CERT_STORE_MAXIMUM_ALLOWED_FLAG) and then attempting write-operations on the keystore?
-------------
PR Comment: https://git.openjdk.org/jdk/pull/16687#issuecomment-1863211291
More information about the security-dev
mailing list