Hi all,
A few months ago i talked about a security key for the suid backend of
simple-netaid.
On 15/9/18 21:26, aitor_czr wrote:
> The idea is very simple. The GUI and the suid binary will contain a
> non-existent header:
>
> #include "key.h"
>
> The key.h file will contain an unique line (the random definition of
> the KEY varible) edited by CMake during the compilation. For example:
>
> var1="#define KEY "
> var2=`tr -cd '[:alnum:]' < /dev/urandom | fold -w32 | head -n1`
> echo "${var1}\"${var2}\"" > key.h
>
> would generate something like this:
>
> #define KEY "X1AULvFge6Tgq1p9BZat4EEVqAwaCnsB"
>
> and then, the suid binary only will be able to be run from the GUI,
> built together with it.
>
> Cheers,
>
> Aitor.
This security key hasn't a high priority in the project, because all the
orders are sent from the gui through file descriptors (unix sockets and
fifos) instead of arguments in the command line.
On the other hand, the key should be generated at build time by CMake,
so that it'll be only known by that frontend built *together* with the
backend.
Copy and paste the gui binary from one computer to another one wouldn't
work with the another backend suid binary. The macro in CMake could be
as follows:
add_custom_command(
TARGET backend
COMMAND ${CMAKE_COMMAND} -E chdir ${CMAKE_CURRENT_SOURCE_DIR} cmd
COMMENT "Generating the security key..."
)
being 'cmd' the script dealing with the generation of the random string
of characters, for example, something like this:
LC_ALL=C tr -dc 'A-Za-z0-9!"#$%&'\''()*+,-./:;<=>?@[\]^_`{|}~'
</dev/urandom | head -c 100 > key.txt
But i encountered the following problem: the random string was always
generated *after* the build processes, appearing as a second action when
executing CMake doing this
method completely useless.
I was wondering if one can't interpret a CMakeLists.txt file
sequentially, but i found a possible solution to this issue by adding
the PRE_BUILD option to the custom command.
For testing purposes, i tried adding this PRE_BUILD option in the custom
command concerning to the suid permissions, that is:
add_custom_command(
OUTPUT backend_suid
PRE_BUILD
POST_BUILDCOMMAND ${CMAKE_COMMAND} -E chdir
${CMAKE_CURRENT_SOURCE_DIR} sudo chown root:root backend
COMMAND ${CMAKE_COMMAND} -E chdir ${CMAKE_CURRENT_SOURCE_DIR} sudo
chmod u+s backend
COMMENT "Giving suid permissions to the backend...\n"
)
add_custom_target(suid ALL DEPENDS backend_suid)
... and CMake failed *as expected*, due to a non existent binary because
of the use of PRE_BUILD option, instead of POST_BUILD.
However, i took a disappointment seeing how this PRE_BUILD option
doesn't affect to the random string :(
Another possible solution might be setting the target of the first
add_custom_command (the random string) as a dependency of the backend
executable...
Any hints?
Thanks in advance,
Aitor.