system: deny reading other user's authorised keys
I believe that users should not be able to peek at each other's
authentication details (authorised keys and date of last change).
Change-Id: I6c158f0727e3f8edcdbd1028066bd09ecb31bced
diff --git a/yang/czechlight-authentication.json b/yang/czechlight-authentication.json
index d291970..6604b16 100644
--- a/yang/czechlight-authentication.json
+++ b/yang/czechlight-authentication.json
@@ -8,8 +8,8 @@
],
"rule": [
{
- "name": "Allow executing actions of current user",
- "access-operations": "exec",
+ "name": "Allow reading and executing actions in the context of the current user",
+ "access-operations": "exec read",
"module-name": "czechlight-system",
"action": "permit",
"path": "/czechlight-system:authentication/users[name=$USER]"
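Review bot: Nothing in the visible change tests the new policy, and NACM read denials are silent (denied nodes are simply left out of the reply), so a regression would not show up as an error. This rule now permits `exec read` on `users[name=$USER]`, while denial for every other entry rests on the `nacm:default-deny-all` statements added in czechlight-system. A test that one user receives no `authorized-keys` or `password-last-change` for another user, yet still sees their own, would pin both halves. A matching permit rule is evaluated before default-deny-all, so if another rule outside this hunk permits read on `czechlight-system` for the same group, the denial would not apply; that is worth checking.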
diff --git a/yang/czechlight-system@2022-07-08.yang b/yang/czechlight-system@2022-07-08.yang
index 98fade2..6327836 100644
--- a/yang/czechlight-system@2022-07-08.yang
+++ b/yang/czechlight-system@2022-07-08.yang
@@ -178,10 +178,12 @@
}
leaf password-last-change {
+ nacm:default-deny-all;
type string;
}
list authorized-keys {
+ nacm:default-deny-all;
key 'index';
description "List of SSH keys which are recognized for this user";
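Review bot: The two added `nacm:default-deny-all` statements have no explanation in the model, and `password-last-change` has no `description` at all, so a reader of the module cannot tell that the owner's access comes from a rule in a different file. Consider adding `description "Readable only through an explicit NACM rule, see czechlight-authentication.json";` to the leaf, and a sentence to the same effect in the list's description. Note also that default-deny-all hides these nodes from every non-recovery session without an explicit permit, which presumably includes any administrative account that previously listed other users' keys; it is worth confirming that this is intended. The enclosing user list starts outside the hunk.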
@@ -195,7 +197,6 @@
}
action remove {
- nacm:default-deny-all;
description "Remove the selected SSH authentication key of the selected user";
output {
uses authentication-rpc-result;
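Review bot: Removing `nacm:default-deny-all` from `action remove` means that protection against deleting another user's key no longer sits on the action itself. It now depends on the server enforcing read access on the action's ancestor nodes, here the `authorized-keys` list marked in the previous hunk, as RFC 8341 requires for actions. I would keep `nacm:default-deny-all;` on the action as defence in depth. The rule in czechlight-authentication.json still permits `exec` for the current user's own entry, so keeping it should not change the owner's access. If the removal stays, a test that one user's `remove` on another user's key is rejected would guard against an implementation or rule change weakening the ancestor check. The action's body continues outside the hunk.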