fsu: check parent executable path
test / test (push) Successful in 19s
Details
test / test (push) Successful in 19s
Details
Only allow main program to launch fsu. This change and further checks in the main program reduces attack surface. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
This commit is contained in:
parent
431dc095e5
commit
aa1f96eeeb
SSH Key Fingerprint:
SHA256:gQ67O0enBZ7UdZypgtspB2FDM1g3GVw8nX0XSdcFw8Q
|
|
@ -35,11 +35,20 @@ func main() {
|
||||||
log.Fatal("this program must not be started by root")
|
log.Fatal("this program must not be started by root")
|
||||||
}
|
}
|
||||||
|
|
||||||
// check compiled in fortify path
|
// validate compiled in fortify path
|
||||||
if FortifyPath == fpPoison || !path.IsAbs(FortifyPath) {
|
if FortifyPath == fpPoison || !path.IsAbs(FortifyPath) {
|
||||||
log.Fatal("invalid fortify path, this copy of fsu is not compiled correctly")
|
log.Fatal("invalid fortify path, this copy of fsu is not compiled correctly")
|
||||||
}
|
}
|
||||||
|
|
||||||
|
pexe := path.Join("/proc", strconv.Itoa(os.Getppid()), "exe")
|
||||||
|
if p, err := os.Readlink(pexe); err != nil {
|
||||||
|
log.Fatalf("cannot read parent executable path: %v", err)
|
||||||
|
} else if strings.HasSuffix(p, " (deleted)") {
|
||||||
|
log.Fatal("fortify executable has been deleted")
|
||||||
|
} else if p != FortifyPath {
|
||||||
|
log.Fatal("this program must be started by fortify")
|
||||||
|
}
|
||||||
|
|
||||||
// uid = 1000000 +
|
// uid = 1000000 +
|
||||||
// fid * 10000 +
|
// fid * 10000 +
|
||||||
// aid
|
// aid
|
||||||
|
|
|
||||||
|
|
@ -21,7 +21,7 @@ buildGoModule rec {
|
||||||
"-X"
|
"-X"
|
||||||
"main.Version=v${version}"
|
"main.Version=v${version}"
|
||||||
"-X"
|
"-X"
|
||||||
"main.FortifyPath=${placeholder "out"}/bin/fortify"
|
"main.FortifyPath=${placeholder "out"}/bin/.fortify-wrapped"
|
||||||
];
|
];
|
||||||
|
|
||||||
buildInputs = [
|
buildInputs = [
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue