I have a project called kos and it's a simple SUID tool,
recently as a lot of people in private have been asking
me I added authentication storing/remembering,
but it's not that good
So what happens basically is:
- Verify that the user has entered the correct password
- If the password is correct set the
temp_validate_uservariable totrueandtemp_validate_user_idto the authenticated user's ID (e.g.1000) - In the
run_commandfunction, after setting the appropriate IDs (uid, euid, gid and egid) do:- If the
last modifiedtimestamp is less than the set max ammount, remove/var/kos/<user id> - Else if
temp_validate_useris still set make sure/var/kosexists, if not make it then make a file called/var/kos/<user id>(e.g./var/kos/1000)
- If the
To put it simply we just store a file called /var/kos/<user id> and then check if its last modified timestamp is less than the max ammount
But we got a problem
Even though the dir is root-only with kos you can get root and if you verify once you can do this:
while true; do echo | kos touch "/var/kos/$(id -u)"; done
And when the user authenticates the file will be be updated all the time meaning you can have infinite root bypass
So the question is, is there ANY better way to do this, I really need to find a better way because as more of the time passes I keep getting more and more worried about it and I can't think of anything
Oh and if it wasn't clear already, I don't want to use PAM or anything else other than pure C or C
Related commits and lines of code:
- https://github.com/TruncatedDinosour/kos/commit/cbcc1346d76b0c47bb4658a1b650de11f74a2727
- https://github.com/TruncatedDinosour/kos/blob/main/src/config.h#L62
- https://github.com/TruncatedDinosour/kos/blob/main/src/macros.hpp#L40
- https://github.com/TruncatedDinosour/kos/blob/main/src/main.cpp#L37
- https://github.com/TruncatedDinosour/kos/blob/main/src/main.cpp#L46
- https://github.com/TruncatedDinosour/kos/blob/main/src/main.cpp#L23
- https://github.com/TruncatedDinosour/kos/blob/main/src/main.cpp#L175
- https://github.com/TruncatedDinosour/kos/blob/main/src/main.cpp#L185
- https://github.com/TruncatedDinosour/kos/commit/f8c4e79e798c0ffaa15df9d1d77fb91b54e61599
- https://github.com/TruncatedDinosour/kos/commit/9ee54bbd01281016d1170c37b0a6cd23433b1227
Thanks for the answers in advance :)
Questions and answers
- What's your goal?
Store that the user has logged in for x ammount of seconds then if x seconds have passed invalidate it, but until x seconds hasn't passed don't ask the specific logged in user to enter their password
CodePudding user response:
As @ThomasWeller sudo does the same thing, meaning it's secure enough, I dropped the terms on the dir from 744 to 711 and file perms from 744 to 600
Thank you @ThomasWeller once again