Compare commits

...

3 Commits

Author SHA1 Message Date
Ophestra Umiker de0d78daae
release: 0.2.1
release / release (push) Successful in 1m4s Details
test / test (push) Successful in 20s Details
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-11-19 21:03:50 +09:00
Ophestra Umiker 6bf33ce507
fortify: use resolved username
test / test (push) Successful in 21s Details
Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-11-19 21:03:09 +09:00
Ophestra Umiker 9faf3b3596
app: validate username
test / test (push) Successful in 23s Details
This value is used for passwd generation. Bad input can cause very confusing issues. This is not a security issue, however validation will improve user experience.

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
2024-11-19 21:01:41 +09:00
3 changed files with 43 additions and 14 deletions

View File

@ -5,6 +5,7 @@ import (
"fmt"
"io/fs"
"path"
"regexp"
"strconv"
shim "git.ophivana.moe/security/fortify/cmd/fshim/ipc"
@ -19,8 +20,11 @@ var (
ErrConfig = errors.New("no configuration to seal")
ErrUser = errors.New("invalid aid")
ErrHome = errors.New("invalid home directory")
ErrName = errors.New("invalid username")
)
var posixUsername = regexp.MustCompilePOSIX("^[a-z_]([A-Za-z0-9_-]{0,31}|[A-Za-z0-9_-]{0,30}\\$)$")
// appSeal seals the application with child-related information
type appSeal struct {
// app unique ID string representation
@ -106,6 +110,9 @@ func (a *app) Seal(config *Config) error {
}
if seal.sys.user.username == "" {
seal.sys.user.username = "chronos"
} else if !posixUsername.MatchString(seal.sys.user.username) {
return fmsg.WrapError(ErrName,
fmt.Sprintf("invalid user name %q", seal.sys.user.username))
}
if seal.sys.user.data == "" || !path.IsAbs(seal.sys.user.data) {
return fmsg.WrapError(ErrHome,

48
main.go
View File

@ -8,6 +8,7 @@ import (
"os/user"
"strconv"
"strings"
"sync"
"text/tabwriter"
"git.ophivana.moe/security/fortify/dbus"
@ -188,20 +189,41 @@ func main() {
panic("unreachable")
}
// resolve home directory from os when flag is unset
// resolve home/username from os when flag is unset
var (
passwd *user.User
passwdOnce sync.Once
passwdFunc = func() {
var us string
if uid, err := os.Uid(aid); err != nil {
fmsg.Fatalf("cannot obtain uid from fsu: %v", err)
} else {
us = strconv.Itoa(uid)
}
if u, err := user.LookupId(us); err != nil {
fmsg.VPrintf("cannot look up uid %s", us)
passwd = &user.User{
Uid: us,
Gid: us,
Username: "chronos",
Name: "Fortify",
HomeDir: "/var/empty",
}
} else {
passwd = u
}
}
)
if homeDir == "os" {
var us string
if uid, err := os.Uid(aid); err != nil {
fmsg.Fatalf("cannot obtain uid from fsu: %v", err)
} else {
us = strconv.Itoa(uid)
}
if u, err := user.LookupId(us); err != nil {
fmsg.VPrintf("cannot look up uid %s", us)
homeDir = "/var/empty"
} else {
homeDir = u.HomeDir
}
passwdOnce.Do(passwdFunc)
homeDir = passwd.HomeDir
}
if userName == "chronos" {
passwdOnce.Do(passwdFunc)
userName = passwd.Username
}
config.Confinement.AppID = aid

View File

@ -10,7 +10,7 @@
buildGoModule rec {
pname = "fortify";
version = "0.2.0";
version = "0.2.1";
src = ./.;
vendorHash = null;