Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add run_as in keylime.conf and avoid executing as root #423

Merged
merged 2 commits into from
Jul 27, 2022
Merged

Add run_as in keylime.conf and avoid executing as root #423

merged 2 commits into from
Jul 27, 2022

Conversation

aplanas
Copy link
Contributor

@aplanas aplanas commented Jul 12, 2022

Add run_as in keylime.conf

If run_as parameter is set but the user is missing in the system,
keylime will log an ERROR when trying to drop privileges, but continue
the execution as the current user (usually root). This can be a
security issue, as the agent is running "silently" as a privileged user.

This commit stop the execution if an error is found when dropping
privileges for the agent service, and present an info! message with
the current user and group.

lkatalin
lkatalin approved these changes Jul 14, 2022
View reviewed changes
Copy link
Contributor

@lkatalin lkatalin left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

This seems good to me and complementary to #409

@lkatalin
Copy link
Contributor

@aplanas Could you resolve the conflict?

@aplanas
Copy link
Contributor Author

aplanas commented Jul 26, 2022

@lkatalin, should be done! Do you want me to change the .expect() from the chown to a return Err()? Somehow I see this way clearer and more direct, but I am not sure.

lkatalin
lkatalin reviewed Jul 26, 2022
View reviewed changes
src/main.rs Outdated Show resolved Hide resolved
@lkatalin
Copy link
Contributor

Thank you, lgtm! Needs one more rebase and it should be good to go.

aplanas added 2 commits July 27, 2022 15:46
@aplanas
keylime.conf: add run_as section
520a9ae 
Signed-off-by: Alberto Planas <[email protected]>
@aplanas
main: die when cannot drop privileges
3a44738 
If `run_as` parameter is set but the user is missing in the system,
keylime will log an ERROR when trying to drop privileges, but continue
the execution as the current user (usually `root`).  This can be a
security issue, as the agent is running "silently" as a privileged user.

This commit stop the execution if an error is found when dropping
privileges for the agent service, and present an `info!` message with
the current user and group.

Signed-off-by: Alberto Planas <[email protected]>
@aplanas
Copy link
Contributor Author

aplanas commented Jul 27, 2022

@lkatalin Rebased, but I did not found any new conflict.

@lkatalin lkatalin merged commit 4b3c6b0 into keylime:master Jul 27, 2022
@aplanas aplanas deleted the fix_run_as branch September 26, 2022 14:24
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@lkatalin lkatalin lkatalin approved these changes

@ashcrow ashcrow ashcrow approved these changes

@lukehinds lukehinds Awaiting requested review from lukehinds

@puiterwijk puiterwijk Awaiting requested review from puiterwijk

Assignees

@puiterwijk puiterwijk

@lukehinds lukehinds

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.
5 participants
@aplanas @lkatalin @ashcrow @puiterwijk @lukehinds