release: 0.2.1

Signed-off-by: Ophestra Umiker <cat@ophivana.moe>
fortify: use resolved username
2024-11-19 21:03:50 +09:00 · 2024-11-19 21:03:09 +09:00 · 2024-11-19 21:01:41 +09:00
3 changed files with 43 additions and 14 deletions
--- a/internal/app/seal.go
+++ b/internal/app/seal.go
@ -5,6 +5,7 @@ import (
 	"fmt"
 	"io/fs"
 	"path"
+	"regexp"
 	"strconv"

 	shim "git.ophivana.moe/security/fortify/cmd/fshim/ipc"
@ -19,8 +20,11 @@ var (
 	ErrConfig = errors.New("no configuration to seal")
 	ErrUser   = errors.New("invalid aid")
 	ErrHome   = errors.New("invalid home directory")
+	ErrName   = errors.New("invalid username")
 )

+var posixUsername = regexp.MustCompilePOSIX("^[a-z_]([A-Za-z0-9_-]{0,31}|[A-Za-z0-9_-]{0,30}\\$)$")
+
 // appSeal seals the application with child-related information
 type appSeal struct {
 	// app unique ID string representation
@ -106,6 +110,9 @@ func (a *app) Seal(config *Config) error {
 		}
 		if seal.sys.user.username == "" {
 			seal.sys.user.username = "chronos"
+		} else if !posixUsername.MatchString(seal.sys.user.username) {
+			return fmsg.WrapError(ErrName,
+				fmt.Sprintf("invalid user name %q", seal.sys.user.username))
 		}
 		if seal.sys.user.data == "" || !path.IsAbs(seal.sys.user.data) {
 			return fmsg.WrapError(ErrHome,
--- a/main.go
+++ b/main.go
@ -8,6 +8,7 @@ import (
 	"os/user"
 	"strconv"
 	"strings"
+	"sync"
 	"text/tabwriter"

 	"git.ophivana.moe/security/fortify/dbus"
@ -188,20 +189,41 @@ func main() {
 			panic("unreachable")
 		}

-		// resolve home directory from os when flag is unset
-		if homeDir == "os" {
+		// resolve home/username from os when flag is unset
+		var (
+			passwd     *user.User
+			passwdOnce sync.Once
+			passwdFunc = func() {
 				var us string
 				if uid, err := os.Uid(aid); err != nil {
 					fmsg.Fatalf("cannot obtain uid from fsu: %v", err)
 				} else {
 					us = strconv.Itoa(uid)
 				}
+
 				if u, err := user.LookupId(us); err != nil {
 					fmsg.VPrintf("cannot look up uid %s", us)
-				homeDir = "/var/empty"
-			} else {
-				homeDir = u.HomeDir
+					passwd = &user.User{
+						Uid:      us,
+						Gid:      us,
+						Username: "chronos",
+						Name:     "Fortify",
+						HomeDir:  "/var/empty",
 					}
+				} else {
+					passwd = u
+				}
+			}
+		)
+
+		if homeDir == "os" {
+			passwdOnce.Do(passwdFunc)
+			homeDir = passwd.HomeDir
+		}
+
+		if userName == "chronos" {
+			passwdOnce.Do(passwdFunc)
+			userName = passwd.Username
 		}

 		config.Confinement.AppID = aid
--- a/package.nix
+++ b/package.nix
@ -10,7 +10,7 @@

 buildGoModule rec {
  pname = "fortify";
-  version = "0.2.0";
+  version = "0.2.1";

  src = ./.;
  vendorHash = null;
Author	SHA1	Message	Date
Ophestra Umiker	de0d78daae	release: 0.2.1 release / release (push) Successful in 1m4s Details test / test (push) Successful in 20s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-19 21:03:50 +09:00
Ophestra Umiker	6bf33ce507	fortify: use resolved username test / test (push) Successful in 21s Details Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-19 21:03:09 +09:00
Ophestra Umiker	9faf3b3596	app: validate username test / test (push) Successful in 23s Details This value is used for passwd generation. Bad input can cause very confusing issues. This is not a security issue, however validation will improve user experience. Signed-off-by: Ophestra Umiker <cat@ophivana.moe>	2024-11-19 21:01:41 +09:00