[Mono-dev] Data protection failed. ---> System.UnauthorizedAccessException: Access to the path "/usr/share/.mono/keypairs/ (Mono-devel-list Digest, Vol 151, Issue 2)

nikhil sehgal nikhil.jiet at gmail.com
Mon Nov 13 17:45:09 UTC 2017


Both running as www-data ...can I get it customized...and store it in
particular location....it store it in different level location...when I run
it again and again so I have manage permission for it

On Nov 13, 2017 22:59, "Jo Shields" <directhex at apebox.org> wrote:

> Which user is Nginx running as?
>
>
> Which user is fastcgi-mono-server running as?
>
>
> Somehow, it thinks that $HOME for the running user is /root
>
>
> On 13/11/17 12:20, nikhil sehgal wrote:
>
>> Hi all,
>>
>> Now I have different scenario I have mono running as a custom user
>> XYZ...however I am getting exception that mono can't write keypairs  to
>> follow in path
>> /root/.config/.mono/keypairs
>>
>>
>> Why it's trying to write key's to Root's path......
>>
>> I am using nginx+fastcgimono ...
>>
>>
>> And this issue is very random I got 3/10 times...
>>
>> Please help urgent
>>
>>
>> On Oct 5, 2017 13:03, "nikhil sehgal" <nikhil.jiet at gmail.com> wrote:
>>
>> HI All ,
>>
>> While calling ProtectedData.Protect(Encoding
>> .Unicode.GetBytes("XXXXXXXXXXXXXXX"),
>> null, DataProtectionScope.LocalMachine);
>>
>>
>> I am getting following error ....i am running my application under
>> fast_cgi_mono+nginx and running as non root user..
>>
>> And following error is coming randomly not always.
>>
>> I don't want to run my application as root user for Security reasons
>> .please advice
>>
>> System.Security.Cryptography.CryptographicException: Data protection
>> failed. ---> System.UnauthorizedAccessException: Access to the path
>> "/usr/share/.mono/keypairs/[1][98f3a7e3-0d6e-f432-8a18-e1144
>> b53633f][-1].xml"
>> is denied.
>>    at System.IO.FileStream..ctor (System.String path, System.IO.FileMode
>> mode, System.IO.FileAccess access, System.IO.FileShare share, System.Int32
>> bufferSize, System.Boolean anonymous, System.IO.FileOptions options)
>> [0x001d8] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.IO.FileStream..ctor (System.String path, System.IO.FileMode
>> mode, System.IO.FileAccess access, System.IO.FileShare share) [0x00000]
>> in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at (wrapper remoting-invoke-with-check) System.IO.FileStream:.ctor
>> (string,System.IO.FileMode,System.IO.FileAccess,System.IO.FileShare)
>>    at System.IO.File.Open (System.String path, System.IO.FileMode mode)
>> [0x00000] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.KeyPairPersistence.Save () [0x00006] in
>> <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSACryptoServiceProvider.OnKeyG
>> enerated
>> (System.Object sender, System.EventArgs e) [0x0002f] in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.RSAManaged.GenerateKeyPair () [0x00151]
>> in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.RSAManaged.EncryptValue (System.Byte[]
>> rgb)
>> [0x0001b] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.PKCS1.RSAEP
>> (System.Security.Cryptography.RSA
>> rsa, System.Byte[] m) [0x00000] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.PKCS1.Encrypt_OAEP
>> (System.Security.Cryptography.RSA rsa,
>> System.Security.Cryptography.HashAlgorithm
>> hash, System.Security.Cryptography.RandomNumberGenerator rng,
>> System.Byte[]
>> M) [0x000f6] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.Utils.RsaOaepEncrypt
>> (System.Security.Cryptography.RSA rsa,
>> System.Security.Cryptography.HashAlgorithm
>> hash, System.Security.Cryptography.PKCS1MaskGenerationMethod mgf,
>> System.Security.Cryptography.RandomNumberGenerator rng, System.Byte[]
>> data)
>> [0x00000] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSAOAEPKeyExchangeFormatter.Cre
>> ateKeyExchange
>> (System.Byte[] rgbData) [0x00047] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSACryptoServiceProvider.Encrypt
>> (System.Byte[] rgb, System.Boolean fOAEP) [0x0001f] in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSACryptoServiceProvider.Encrypt
>> (System.Byte[] data, System.Security.Cryptography.RSAEncryptionPadding
>> padding) [0x00045] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSAOAEPKeyExchangeFormatter.Cre
>> ateKeyExchange
>> (System.Byte[] rgbData) [0x0002c] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.ManagedProtection.Protect (System.Byte[]
>> userData, System.Byte[] optionalEntropy,
>> System.Security.Cryptography.DataProtectionScope
>> scope) [0x0013e] in <2c890ca2f2c3434ca04011ecd5d57165>:0
>>    at System.Security.Cryptography.ProtectedData.Protect (System.Byte[]
>> userData, System.Byte[] optionalEntropy,
>> System.Security.Cryptography.DataProtectionScope
>> scope) [0x00023] in <2c890ca2f2c3434ca04011ecd5d57165>:0
>>     --- End of inner exception stack trace ---
>>    at System.Security.Cryptography.ProtectedData.Protect (System.Byte[]
>> userData, System.Byte[] optionalEntropy,
>> System.Security.Cryptography.DataProtectionScope
>> scope) [0x0003f] in <2c890ca2f2c3434ca04011ecd5d57165>:0
>>    at Writelog.Program.Main (System.String[] args) [0x00010] in <
>> e4a1cce0275a48f29c577f83bf71131e>:0
>> [ERROR] FATAL UNHANDLED EXCEPTION:
>> System.Security.Cryptography.CryptographicException:
>> Data protection failed. ---> System.UnauthorizedAccessException: Access
>> to
>> the path "/usr/share/.mono/keypairs/[1][98f3a7e3-0d6e-f432-8a18-e1144
>> b53633f][-1].xml"
>> is denied.
>>    at System.IO.FileStream..ctor (System.String path, System.IO.FileMode
>> mode, System.IO.FileAccess access, System.IO.FileShare share, System.Int32
>> bufferSize, System.Boolean anonymous, System.IO.FileOptions options)
>> [0x001d8] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.IO.FileStream..ctor (System.String path, System.IO.FileMode
>> mode, System.IO.FileAccess access, System.IO.FileShare share) [0x00000]
>> in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at (wrapper remoting-invoke-with-check) System.IO.FileStream:.ctor
>> (string,System.IO.FileMode,System.IO.FileAccess,System.IO.FileShare)
>>    at System.IO.File.Open (System.String path, System.IO.FileMode mode)
>> [0x00000] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.KeyPairPersistence.Save () [0x00006] in
>> <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSACryptoServiceProvider.OnKeyG
>> enerated
>> (System.Object sender, System.EventArgs e) [0x0002f] in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.RSAManaged.GenerateKeyPair () [0x00151]
>> in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.RSAManaged.EncryptValue (System.Byte[]
>> rgb)
>> [0x0001b] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.PKCS1.RSAEP
>> (System.Security.Cryptography.RSA
>> rsa, System.Byte[] m) [0x00000] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.PKCS1.Encrypt_OAEP
>> (System.Security.Cryptography.RSA rsa,
>> System.Security.Cryptography.HashAlgorithm
>> hash, System.Security.Cryptography.RandomNumberGenerator rng,
>> System.Byte[]
>> M) [0x000f6] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.Utils.RsaOaepEncrypt
>> (System.Security.Cryptography.RSA rsa,
>> System.Security.Cryptography.HashAlgorithm
>> hash, System.Security.Cryptography.PKCS1MaskGenerationMethod mgf,
>> System.Security.Cryptography.RandomNumberGenerator rng, System.Byte[]
>> data)
>> [0x00000] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSAOAEPKeyExchangeFormatter.Cre
>> ateKeyExchange
>> (System.Byte[] rgbData) [0x00047] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSACryptoServiceProvider.Encrypt
>> (System.Byte[] rgb, System.Boolean fOAEP) [0x0001f] in <
>> 77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSACryptoServiceProvider.Encrypt
>> (System.Byte[] data, System.Security.Cryptography.RSAEncryptionPadding
>> padding) [0x00045] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at System.Security.Cryptography.RSAOAEPKeyExchangeFormatter.Cre
>> ateKeyExchange
>> (System.Byte[] rgbData) [0x0002c] in <77c9551943624fd18301ba6f78a841e5>:0
>>    at Mono.Security.Cryptography.ManagedProtection.Protect (System.Byte[]
>> userData, System.Byte[] optionalEntropy,
>> System.Security.Cryptography.DataProtectionScope
>> scope) [0x0013e] in <2c890ca2f2c3434ca04011ecd5d57165>:0
>>    at System.Security.Cryptography.ProtectedData.Protect (System.Byte[]
>> userData, System.Byte[] optionalEntropy,
>> System.Security.Cryptography.DataProtectionScope
>> scope) [0x00023] in <2c890ca2f2c3434ca04011ecd5d57165>:0
>>     --- End of inner exception stack trace ---
>>    at System.Security.Cryptography.ProtectedData.Protect (System.Byte[]
>> userData, System.Byte[] optionalEntropy,
>> System.Security.Cryptography.DataProtectionScope
>> scope) [0x0003f] in <2c890ca2f2c3434ca04011ecd5d57165>:0
>>    at Writelog.Program.Main (System.String[] args) [0x00010] in <
>> e4a1cce0275a48f29c577f83bf71131e>:0
>> -------------- next part --------------
>> An HTML attachment was scrubbed...
>> URL: <http://lists.dot.net/pipermail/mono-devel-list/attachments/
>> 20171113/7c971554/attachment.html>
>>
>>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.dot.net/pipermail/mono-devel-list/attachments/20171113/a8dfcfdc/attachment-0002.html>


More information about the Mono-devel-list mailing list