Dev image ships with debug-tweaks (empty root password, SSH root access) #44
Description
The dev image recipe in meta-dstack/recipes-core/images/dstack-rootfs-dev.inc includes Yocto's debug-tweaks feature, which sets an empty root password and enables SSH root access, creating a remotely exploitable backdoor if the dev image is deployed to production.
Root Cause
The dev image recipe includes Yocto's debug-tweaks feature:
# dstack-rootfs-dev.inc:3-4
IMAGE_INSTALL += "packagegroup-core-ssh-openssh strace tcpdump gdb gdbserver vim"
EXTRA_IMAGE_FEATURES += "debug-tweaks tools-profile"debug-tweaks enables:
- Empty root password (allows passwordless root login)
- SSH root access without key authentication
- Post-install script execution
The production image correctly uses nologin and does not include debug-tweaks.
Attack Path
- Operator accidentally deploys the dev image instead of the production image in a production environment
- The CVM has an empty root password and SSH access
- Any process or network-connected attacker can log in as root without credentials
- Root access gives full control over all CVM contents including keyshares and private keys
- Note: TDX attestation would detect the wrong image (different measurements), but only if the verifier checks the image measurements
Impact
If the dev image is accidentally deployed in production, the CVM has no authentication boundary. The risk is operational — it depends on deploying the correct image. The production image is correctly hardened.
Suggested Fix
- Add a build-time safety check that prevents dev images from being pushed to production registries
- Add a runtime check in the node that verifies it's running on a production image (e.g., check for the absence of
debug-tweaksindicators) - Consider using distinct image names that make accidental substitution obvious (e.g.,
dstack-rootfs-dev-DO-NOT-DEPLOY-TO-PROD)
Note: This issue was created automatically. The vulnerability report was generated by Claude and has not been verified by a human.