Obfuscate memory roots for non-root users

This commit is contained in:
Guillaume Maudoux 2019-02-28 23:26:07 +01:00 committed by Guillaume Maudoux
parent 43331d6344
commit a17f86ce3a
2 changed files with 16 additions and 9 deletions

View file

@ -374,7 +374,8 @@ try_again:
goto try_again; goto try_again;
} }
if (res > 0 && buf[0] == '/') if (res > 0 && buf[0] == '/')
roots.emplace(file, std::string(static_cast<char *>(buf), res)); roots.emplace((format("{memory:%1%") % file).str(),
std::string(static_cast<char *>(buf), res));
return; return;
} }
@ -407,8 +408,8 @@ void LocalStore::findRuntimeRoots(Roots & roots)
while (errno = 0, ent = readdir(procDir.get())) { while (errno = 0, ent = readdir(procDir.get())) {
checkInterrupt(); checkInterrupt();
if (std::regex_match(ent->d_name, digitsRegex)) { if (std::regex_match(ent->d_name, digitsRegex)) {
readProcLink((format("/proc/%1%/exe") % ent->d_name).str(), unchecked); readProcLink((format("{memory:/proc/%1%/exe}") % ent->d_name).str(), unchecked);
readProcLink((format("/proc/%1%/cwd") % ent->d_name).str(), unchecked); readProcLink((format("{memory:/proc/%1%/cwd}") % ent->d_name).str(), unchecked);
auto fdStr = (format("/proc/%1%/fd") % ent->d_name).str(); auto fdStr = (format("/proc/%1%/fd") % ent->d_name).str();
auto fdDir = AutoCloseDir(opendir(fdStr.c_str())); auto fdDir = AutoCloseDir(opendir(fdStr.c_str()));
@ -435,10 +436,9 @@ void LocalStore::findRuntimeRoots(Roots & roots)
auto mapLines = tokenizeString<std::vector<string>>(readFile(mapFile, true), "\n"); auto mapLines = tokenizeString<std::vector<string>>(readFile(mapFile, true), "\n");
int n = 0; int n = 0;
for (const auto& line : mapLines) { for (const auto& line : mapLines) {
n++;
auto match = std::smatch{}; auto match = std::smatch{};
if (std::regex_match(line, match, mapRegex)) if (std::regex_match(line, match, mapRegex))
unchecked.emplace((format("{%1%:%2%}") % mapFile % n).str(), match[1]); unchecked.emplace((format("{memory:%1%:%2%}") % mapFile % n++).str(), match[1]);
} }
auto envFile = (format("/proc/%1%/environ") % ent->d_name).str(); auto envFile = (format("/proc/%1%/environ") % ent->d_name).str();
@ -446,7 +446,7 @@ void LocalStore::findRuntimeRoots(Roots & roots)
auto env_end = std::sregex_iterator{}; auto env_end = std::sregex_iterator{};
n = 0; n = 0;
for (auto i = std::sregex_iterator{envString.begin(), envString.end(), storePathRegex}; i != env_end; ++i) for (auto i = std::sregex_iterator{envString.begin(), envString.end(), storePathRegex}; i != env_end; ++i)
unchecked.emplace((format("{%1%:%2%}") % envFile % envString).str(), i->str()); unchecked.emplace((format("{memory:%1%:%2%}") % envFile % n++).str(), i->str());
} catch (SysError & e) { } catch (SysError & e) {
if (errno == ENOENT || errno == EACCES || errno == ESRCH) if (errno == ENOENT || errno == EACCES || errno == ESRCH)
continue; continue;
@ -467,7 +467,7 @@ void LocalStore::findRuntimeRoots(Roots & roots)
for (const auto & line : lsofLines) { for (const auto & line : lsofLines) {
std::smatch match; std::smatch match;
if (std::regex_match(line, match, lsofRegex)) if (std::regex_match(line, match, lsofRegex))
unchecked.emplace((format("{%1%:%2%}" % LSOF % n++).str(), match[1]); unchecked.emplace((format("{memory:%1%:%2%}" % LSOF % n++).str(), match[1]);
} }
} catch (ExecError & e) { } catch (ExecError & e) {
/* lsof not installed, lsof failed */ /* lsof not installed, lsof failed */

View file

@ -478,8 +478,15 @@ static void performOp(TunnelLogger * logger, ref<Store> store,
Roots roots = store->findRoots(); Roots roots = store->findRoots();
logger->stopWork(); logger->stopWork();
to << roots.size(); to << roots.size();
for (auto & i : roots) int n = 0;
to << i.first << i.second; for (auto & i : roots) {
// Obfuscate 'memory' roots as they exposes information about other users,
if (i.first.rfind("{memory:", 0) == 0) {
to << fmt("{memory:%d}", n++) << i.second;
} else {
to << i.first << i.second;
}
}
break; break;
} }