- Issue created by @cmlara
- First commit to issue fork.
- 🇺🇸United States dmundra Eugene, OR
I believe I tackled the first one by essentially not catching the exception and letting it be thrown all the way up. Not ideal, but it avoids the file being uploaded in an unencrypted state.
- Assigned to dmundra
- 🇺🇸United States dmundra Eugene, OR
I am not sure that image styles work at all, as the image styles process cannot read the file since it is not decrypted for it. I think that was pointed out in related issues.
For image styles to work, we would have to have a process where the image is decrypted, then styles are applied, and then it is re-encrypted. This would be the issue that scenario 2 is getting at, I believe. I don't see how else image styles would work. To sufficiently avoid unencrypted data at rest, it would be better to not use that feature and for it to be removed.
- 🇺🇸United States cmlara
> For image styles to work, we would have to have a process where the image is decrypted, then styles are applied, and then it is re-encrypted.
> To sufficiently avoid unencrypted data at rest, it would be better to not use that feature and for it to be removed.
This is the purpose of streamWrappers, they handle this without 3rd party code needing to be aware this is occurring. Anything stored in the encrypt:// scheme should always be stored on disk encrypted.
> I am not sure that image styles work at all, as the image styles process cannot read the file since it is not decrypted for it.
I no longer have the development lab for this report provisioned due to the incident age.
At this time I cannot positively confirm that I did not accidentally test scenario 2 on a file experiencing the same faults as described in scenario 1. It is possible that this scenario has never seen a public exploit path. However, scenario 2 as noted in the issue would still exist if the file becomes readable and is separate from a reading fault.
I want to reiterate what was provided in the original security report and above, all 3 of these faults can be traced to the same root cause and should be 'same fix solution' to resolve. I would additionally not be surprised if fixing the root cause of this issue would resolve other non-security related bug reports.
- 🇺🇸United States dmundra Eugene, OR
Thank you cmlara. I will try testing by removing the fix for scenario 1 and seeing if that makes scenario 2 happen.
- 🇺🇸United States dmundra Eugene, OR
I merged some changes from other tickets and went back trying that and I finally got it to generate styles. Not sure why it started working (also updated local to 10.5). I do see it generate a smaller image that is not encrypted.
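
An added example, not part of the thread and not the module's code: one way to check for the condition reported in the last comment (an image style derivative stored in plaintext) is to walk the directory that backs the encrypted scheme and flag any file whose first bytes match a known image signature. The directory layout and file names in `demo()` are constructed, and the check assumes the module's ciphertext never begins with one of these signatures.

```python
import os
import tempfile

# Leading bytes of common image formats.
IMAGE_SIGNATURES = {
    b"\xff\xd8\xff": "jpeg",
    b"\x89PNG\r\n\x1a\n": "png",
    b"GIF87a": "gif",
    b"GIF89a": "gif",
}

def sniff_plaintext_image(header: bytes):
    """Return the image type if header looks like an unencrypted image, else None."""
    for magic, kind in IMAGE_SIGNATURES.items():
        if header.startswith(magic):
            return kind
    # WebP is a RIFF container with 'WEBP' at offset 8.
    if header[:4] == b"RIFF" and header[8:12] == b"WEBP":
        return "webp"
    return None

def audit_encrypted_tree(root: str):
    """Walk root and list (relative path, type) for files stored as plaintext images."""
    findings = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            with open(path, "rb") as fh:
                kind = sniff_plaintext_image(fh.read(16))
            if kind:
                findings.append((os.path.relpath(path, root), kind))
    return sorted(findings)

def demo():
    """Constructed tree: one opaque blob and one plaintext PNG derivative."""
    with tempfile.TemporaryDirectory() as root:
        styles = os.path.join(root, "styles", "thumbnail")
        os.makedirs(styles)
        with open(os.path.join(root, "photo.png"), "wb") as fh:
            fh.write(bytes(range(7, 71)))  # constructed stand-in for ciphertext
        with open(os.path.join(styles, "photo.png"), "wb") as fh:
            fh.write(b"\x89PNG\r\n\x1a\n" + b"\x00" * 32)  # constructed plaintext header
        return audit_encrypted_tree(root)

if __name__ == "__main__":
    print(demo())
```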