pool/rust-keylime
SHA256
4
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity
rust-keylime/0001-main-die-when-cannot-drop-privileges.patch
Alberto Planas Dominguez cc7fc9144b Accepting request 989445 from home:aplanas:branches:security 
- Update to version 0.1.0+git.1657303637.5b9072a:
  * keys_handler: Use scopes to drop mutexes before await
  * Enable usage of Rust IMA emulator in E2E tests.
  * ima_emulator: Support PCR hash algorithms other than SHA-1
  * ima_entry: add IMA entry parser ported from Python Keylime
  * algorithms: Add conversion between our hash algorithms and OpenSSL's
  * Remove unused functions revocation_ip_get and revocation_port_get. Change String to &str.
  * Adjust function usage comments to account for new parameters.
  * Load config file less at startup in src/common.rs
  * GNUmakefile: Make target dependencies explicit
  * permissions: Set supplementary groups when dropping privileges
  * main: Use more descriptive message for missing files error
  * Show path when fail to load the certificate
  * tpm: Add serialization functions for structures in quotes
- Requires tpm2.0-abrmd dependency, as the kernel resource manager
  could be not enough
- Downgrade /var/run/keylime permissions
- Set "run_as" parameter to "keylime:tss"
- Create the keylime user via systemd
- Fix keylime service home directory

OBS-URL: https://build.opensuse.org/request/show/989445
OBS-URL: https://build.opensuse.org/package/show/security/rust-keylime?expand=0&rev=20
2022-07-15 13:19:45 +00:00

40 lines
1.4 KiB
Diff
Raw Blame History

From e34692c33914f7c9598c1bc9030bf94ef525d5eb Mon Sep 17 00:00:00 2001
From: Alberto Planas <aplanas@suse.com>
Date: Tue, 12 Jul 2022 14:09:24 +0200
Subject: [PATCH 2/2] main: die when cannot drop privileges
If `run_as` parameter is set but the user is missing in the system,
keylime will log an ERROR when trying to drop privileges, but continue
the execution as the current user (usually `root`). This can be a
security issue, as the agent is running "silently" as a privileged user.
This commit stop the execution if an error is found when dropping
privileges for the agent service, and present an `info!` message with
the current user and group.
Signed-off-by: Alberto Planas <aplanas@suse.com>
---
src/main.rs | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/src/main.rs b/src/main.rs
index ef29eb2..d646d09 100644
--- a/src/main.rs
+++ b/src/main.rs
@@ -407,8 +407,10 @@ async fn main() -> Result<()> {
// Drop privileges
if let Some(user_group) = &config.run_as {
- permissions::chown(user_group, &mount);
- permissions::run_as(user_group);
+ permissions::chown(user_group, &mount)
+ .expect("Error when changing directory ownership");
+ permissions::run_as(user_group).expect("Error dropping privileges");
+ info!("Running the service as {}...", user_group);
}
info!("Starting server with API version {}...", API_VERSION);
--
2.37.0
Reference in New Issue View Git Blame Copy Permalink