4 changes: 4 additions & 0 deletions .jules/sentinel.md
@@ -0,0 +1,4 @@
## 2025-02-08 - TOCTOU Race Condition in File Creation

Check failure on line 1 in .jules/sentinel.md

GitHub Actions / Lint Documentation

First line in a file should be a top-level heading

.jules/sentinel.md:1 MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "## 2025-02-08 - TOCTOU Race Co..."] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md041.md

Check failure on line 1 in .jules/sentinel.md

GitHub Actions / Lint Documentation

Headings should be surrounded by blank lines

.jules/sentinel.md:1 MD022/blanks-around-headings Headings should be surrounded by blank lines [Expected: 1; Actual: 0; Below] [Context: "## 2025-02-08 - TOCTOU Race Condition in File Creation"] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md022.md

⚠️ Potential issue | 🟡 Minor

Date typo: should be 2026, not 2025.

The PR was created on 2026-02-08, but the heading says 2025-02-08.

Also, the markdown linter flags MD041 (first line should be a top-level # heading) and MD022 (blank line required after headings). Consider adding a top-level # Sentinel heading and a blank line before the ## entry.

Proposed fix
-## 2025-02-08 - TOCTOU Race Condition in File Creation
+# Sentinel
+
+## 2026-02-08 - TOCTOU Race Condition in File Creation
+
📝 Committable suggestion

‼️ IMPORTANT
Carefully review the code before committing. Ensure that it accurately replaces the highlighted code, contains no missing lines, and has no issues with indentation. Thoroughly test & benchmark the code to ensure it meets the requirements.

Suggested change
## 2025-02-08 - TOCTOU Race Condition in File Creation
# Sentinel
## 2026-02-08 - TOCTOU Race Condition in File Creation
🧰 Tools
🪛 GitHub Check: Lint Documentation

[failure] 1-1: First line in a file should be a top-level heading
.jules/sentinel.md:1 MD041/first-line-heading/first-line-h1 First line in a file should be a top-level heading [Context: "## 2025-02-08 - TOCTOU Race Co..."] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md041.md


[failure] 1-1: Headings should be surrounded by blank lines
.jules/sentinel.md:1 MD022/blanks-around-headings Headings should be surrounded by blank lines [Expected: 1; Actual: 0; Below] [Context: "## 2025-02-08 - TOCTOU Race Condition in File Creation"] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md022.md

🤖 Prompt for AI Agents
In @.jules/sentinel.md at line 1, Update the sentinel markdown: fix the date in
the existing heading from "2025-02-08" to "2026-02-08", add a top-level heading
"# Sentinel" as the first line to satisfy MD041, and insert a blank line between
that top-level heading and the "## 2026-02-08 - TOCTOU Race Condition in File
Creation" entry to satisfy MD022; ensure the second-level heading text is
updated accordingly to match the corrected date.

**Vulnerability:** The SSH private key was being created with default permissions (potentially world-readable) before `chmod 600` was applied. This created a race condition where the key could be read by other users on the system.

Check failure on line 2 in .jules/sentinel.md

GitHub Actions / Lint Documentation

Line length

.jules/sentinel.md:2:81 MD013/line-length Line length [Expected: 80; Actual: 230] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md
**Learning:** Shell redirection (`>`) creates files with the current `umask` before any subsequent `chmod` command is executed.

Check failure on line 3 in .jules/sentinel.md

GitHub Actions / Lint Documentation

Line length

.jules/sentinel.md:3:81 MD013/line-length Line length [Expected: 80; Actual: 127] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md
**Prevention:** Use `umask 077` in a subshell when creating sensitive files to ensure they are created with restricted permissions from the start. Example: `(umask 077; command > file)`.
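
Review bot: The Prevention entry says files are "created with restricted permissions from the start", which holds only when the redirection actually creates the file. If the target already exists, `>` truncates it and keeps its existing mode, so `umask 077` changes nothing and the content stays exposed until a later `chmod`. Suggest adding a sentence to that effect, for example "If the file may already exist, remove it first or `chmod 600` it before writing." The Learning line would also be more precise if it said the new file's mode is the requested mode masked by `umask`, rather than "creates files with the current `umask`".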

Check failure on line 4 in .jules/sentinel.md

GitHub Actions / Lint Documentation

Line length

.jules/sentinel.md:4:81 MD013/line-length Line length [Expected: 80; Actual: 186] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md
Comment on lines +2 to +4

⚠️ Potential issue | 🟡 Minor

Markdown lint: line length exceeds 80 characters (MD013).

Lines 2–4 all exceed the 80-character limit flagged by the linter. Wrap the long lines to comply.

🧰 Tools
🪛 GitHub Check: Lint Documentation

[failure] 4-4: Line length
.jules/sentinel.md:4:81 MD013/line-length Line length [Expected: 80; Actual: 186] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md


[failure] 3-3: Line length
.jules/sentinel.md:3:81 MD013/line-length Line length [Expected: 80; Actual: 127] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md


[failure] 2-2: Line length
.jules/sentinel.md:2:81 MD013/line-length Line length [Expected: 80; Actual: 230] https://github.com/DavidAnson/markdownlint/blob/v0.34.0/doc/md013.md

🤖 Prompt for AI Agents
In @.jules/sentinel.md around lines 2 - 4, The three long Markdown lines
("Vulnerability:", "Learning:", "Prevention:") exceed the 80-character limit;
reflow each paragraph to lines ≤80 chars by inserting line breaks at natural
sentence or clause boundaries (e.g., after "race condition", after "umask", and
before the example), keeping the original headings and content intact and
preserving the example command `(umask 077; command > file)` on its own wrapped
line so the file complies with MD013.

13 changes: 9 additions & 4 deletions tools/setup-ssh-keys.sh
Expand Up @@ -148,12 +148,17 @@ cmd_restore() {

say "Restoring SSH key from 1Password..."

# Create SSH directory
mkdir -p "$SSH_DIR"
# Create SSH directory with secure permissions
if [[ ! -d "$SSH_DIR" ]]; then
mkdir -p -m 700 "$SSH_DIR"
fi
chmod 700 "$SSH_DIR"

# Read private key from 1Password and save locally
op read "op://$VAULT/$KEY_NAME/private_key" > "$PRIVATE_KEY_FILE"
# Read private key from 1Password and save locally with secure permissions
(
umask 077
op read "op://$VAULT/$KEY_NAME/private_key" > "$PRIVATE_KEY_FILE"
)
chmod 600 "$PRIVATE_KEY_FILE"

# Read public key from 1Password and save locally
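
Review bot: In the subshell that writes `"$PRIVATE_KEY_FILE"`, `umask 077` only takes effect when the redirection creates the file; if that path already exists with a looser mode, `>` truncates it in place and the new key is readable under the old mode until the `chmod 600` that follows. Suggest `rm -f "$PRIVATE_KEY_FILE"` before the subshell, or running `chmod 600` on an existing file before the write. Separately, the `[[ ! -d "$SSH_DIR" ]]` guard adds nothing: `mkdir -p` already succeeds on an existing directory and `chmod 700 "$SSH_DIR"` runs either way, so `mkdir -p -m 700 "$SSH_DIR"` followed by the `chmod` is enough.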