security: Files created by Zebra can be read by any user on the same machine #7807
Closed
Labels
A-blockchain-scanner
Area: Blockchain scanner of shielded transactions
A-state
Area: State / database changes
C-bug
Category: This is a bug
C-security
Category: Security issues
I-lose-funds
Zebra loses user funds
I-privacy
Zebra discloses private information
S-needs-triage
Status: A bug report needs triage
Scheduling
This is a blocker for securely implementing blockchain scanning. It needs to be fixed before the blockchain scanner creates any files on disk.
What happened?
I expected to see this happen:
Zebra creates files that are only readable by the user running Zebra.
Instead, this happened:
Zebra's database is readable by any user or service on the same machine. This is ok for now because that data is public. But any private data from the blockchain scanner should only be readable by that user.
The peer IP cache files are only readable by the running user, because we create them using a temp_file API.
What were you doing when the issue happened?
Running Zebra.
Zebra logs
This issue does not appear in the logs.
Zebra Version
zebrad 1.3.0
Which operating systems does the issue happen on?
OS details
Any unix-based OS
Additional information
RocksDB does not have an API that changes file permissions. (There is an API, but it doesn't actually work.)
https://github.com/facebook/rocksdb/pull/3709/files
facebook/rocksdb#8109
We can change the permissions for all created files by calling set_umask() when we start Zebra, before we create any files: https://docs.rs/file-mode/latest/file_mode/fn.set_umask.html
Previously created files will have world-readable permissions, or whatever custom permissions the operator set. Since this is not a security issue we should leave old permissions alone. (Resetting custom permissions is a breaking change.)
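As an added example (not Zebra's own code), a std-only Rust sketch of two complementary controls for the problem above: create the files Zebra writes itself with an explicit owner-only mode, and run a hardening sweep over a directory whose files were created by a library with no working permission API (the RocksDB case) to strip group/other bits. The process-wide set_umask() approach proposed in the issue needs the file-mode crate and is not shown; all paths and file names here are constructed.

```rust
use std::fs::{self, DirBuilder, OpenOptions};
use std::io::{self, Write};
use std::os::unix::fs::{DirBuilderExt, OpenOptionsExt, PermissionsExt};
use std::path::Path;

/// Permission bits that let the group or anyone else read a file or directory.
const GROUP_OTHER_READ: u32 = 0o044;

/// Create a directory that only the owning user can enter or list.
pub fn create_private_dir(path: &Path) -> io::Result<()> {
    DirBuilder::new().mode(0o700).create(path)
}

/// Create a file with an explicit owner-only mode (0600), regardless of umask.
pub fn create_private_file(path: &Path, contents: &[u8]) -> io::Result<()> {
    let mut f = OpenOptions::new().write(true).create_new(true).mode(0o600).open(path)?;
    f.write_all(contents)
}

/// Audit check: can the group or other users read this path?
pub fn is_readable_by_others(path: &Path) -> io::Result<bool> {
    Ok(fs::metadata(path)?.permissions().mode() & GROUP_OTHER_READ != 0)
}

/// Hardening sweep for a tree created by a library that offers no permission
/// control: clear all group/other bits on every entry under `dir` and return
/// how many entries were changed. Symlinks are skipped, never followed.
pub fn restrict_tree_to_owner(dir: &Path) -> io::Result<usize> {
    let mut changed = 0;
    let mut stack = vec![dir.to_path_buf()];
    while let Some(p) = stack.pop() {
        let meta = fs::symlink_metadata(&p)?;
        if meta.file_type().is_symlink() { continue; }
        let perm = meta.permissions().mode() & 0o7777; // drop file-type bits
        if perm & 0o077 != 0 {
            fs::set_permissions(&p, fs::Permissions::from_mode(perm & !0o077))?;
            changed += 1;
        }
        if meta.is_dir() {
            for entry in fs::read_dir(&p)? { stack.push(entry?.path()); }
        }
    }
    Ok(changed)
}

fn main() -> io::Result<()> {
    // Constructed layout: "db" stands in for a RocksDB directory created under the default umask.
    let root = std::env::temp_dir().join(format!("zebra-perm-demo-{}", std::process::id()));
    create_private_dir(&root)?;
    let db = root.join("db");
    fs::create_dir(&db)?;
    fs::write(db.join("000001.sst"), b"constructed sample data")?;
    println!("readable by others before sweep: {}", is_readable_by_others(&db.join("000001.sst"))?);
    println!("entries changed: {}", restrict_tree_to_owner(&db)?);
    fs::remove_dir_all(&root)
}
```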