Security: VMware ESX Server and hosted products for Linux incorrect permissions on SSL key files vulnerability

A new flaw appeared on ESX Server and, this time, on all hosted products running on Linux:

In /usr/bin/vmware-config.pl, code sets permissions on the key and certificate files to safe values. However, this script does not use the safe_chmod() subroutine that reports errors on failure. Instead, it uses the native Perl chmod() function without any return code checking. Because the safe_chmod() subroutine is not used and no return code checks are performed, the user is not alerted if chmod() fails. If umask is used at the time, the result might leave the key file readable to any local user on the system.

To address this issue, while waiting for a patch, do the following:

Manually change the permissions on the key and certificate to their intended values. The following commands are appropriate on a default installation:

# chmod 400 /etc/vmware/ssl/rui.key
# chmod 444 /etc/vmware/ssl/rui.crt

Read the VMware official KB article about this vulnerability for updates and further details on affected systems.