Description
The RTMR event log file managed by dstack/dstack-util/src/system_setup.rs is written to a world-readable path without integrity protection, so any process in the CVM can overwrite or truncate the log to hide evidence of measurements.
Root Cause
The runtime event log file (/run/log/dstack/runtime_events.log) is created without restrictive file permissions. Any process inside the CVM can write to this file, appending forged events or truncating existing entries. The event log is used for RTMR3 verification — verifiers replay the log to reconstruct the expected RTMR3 value.
Attack Path
- Attacker compromises a container inside the CVM
- Attacker appends forged events to /run/log/dstack/runtime_events.log
- The forged events cause RTMR3 replay to produce a different hash than the actual RTMR3 register
- This could cause legitimate attestation to fail (DoS against the CVM's attestability)
- Alternatively, if the attacker can truncate the log early, the replayed RTMR3 would be incomplete
- Note: the attacker cannot forge the actual RTMR3 hardware register (only the TDX module can extend it), so forged log entries would cause a mismatch, not a bypass
Impact
Denial of attestability — a compromised container can corrupt the event log so that RTMR3 replay verification fails, making the CVM appear untrustworthy even though the actual RTMR3 register is correct. The attacker cannot forge the hardware register itself, so this is primarily a DoS vector rather than an integrity bypass.
Suggested Fix
Set restrictive permissions on the event log file:
```rust
use std::os::unix::fs::OpenOptionsExt;

let file = std::fs::OpenOptions::new()
    .create(true)
    .append(true)
    .mode(0o600) // only the file owner (root here) can read/write
    .open("/run/log/dstack/runtime_events.log")?;
```

Consider making the file append-only via chattr +a after creation.
Note: This issue was created automatically. The vulnerability report was generated by Claude and has not been verified by a human.