From aaa4637ed079b140cbe0298128b42c19f44c8166 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Sun, 23 Sep 2018 22:21:05 +0100 Subject: [PATCH 1/2] Track access/modification time of sensitive files Collects the stats of tomb keys and tomb files then restore them when Tomb exits. Can be extended to any file opened by Tomb. See #266 --- extras/test/10_operations.sh | 12 ++++++++++++ tomb | 28 ++++++++++++++++++++++++++++ 2 files changed, 40 insertions(+) diff --git a/extras/test/10_operations.sh b/extras/test/10_operations.sh index 41d740e..003be17 100644 --- a/extras/test/10_operations.sh +++ b/extras/test/10_operations.sh @@ -4,6 +4,9 @@ export test_description="Testing common operations on tomb" source ./setup +_getaccess() { stat --format=%X "$1"; } +_getmodif() { stat --format=%Y "$1"; } + test_export "test" # Using already generated tomb test_expect_success 'Testing open with wrong password ' ' test_must_fail tt_open --tomb-pwd wrongpassword @@ -21,6 +24,15 @@ test_expect_success 'Testing open in read only mode' ' chmod +w $tomb ' +test_expect_success 'Testing tomb files stat restoration' ' + access=$(_getaccess $tomb_key) && + modif=$(_getmodif $tomb_key) && + tt_open --tomb-pwd $DUMMYPASS && + tt_close && + [[ "$access" == "$(_getaccess $tomb_key)" ]] && + [[ "$modif" == "$(_getmodif $tomb_key)" ]] + ' + if test_have_prereq LSOF; then gcc -Wall -o $TMP/close_block $TEST_HOME/close_block.c test_expect_success 'Testing functionality of the slam operation (use of lsof)' ' diff --git a/tomb b/tomb index 6d3644a..51672f7 100755 --- a/tomb +++ b/tomb @@ -107,6 +107,7 @@ typeset -H TOMBTMP # Filename of secure temp just created (see _tmp_create() typeset -aH TOMBTMPFILES # Keep track of temporary files typeset -aH TOMBLOOPDEVS # Keep track of used loop devices +typeset -A TOMBFILESSTAT # Keep track of access date attributes # Make sure sbin is in PATH (man zshparam) path+=( /sbin /usr/sbin ) 
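Review bot: The new 'Testing tomb files stat restoration' case in the @@ -21 hunk can pass without the restore code ever running, because on a filesystem mounted noatime or relatime (the usual Linux default) merely reading the key does not change its atime, so `$access` compares equal either way. Priming the key with an atime older than its mtime before sampling, e.g. adding `touch -a --date="@0" $tomb_key &&` as the first step of the test body, forces the read to bump atime under relatime and makes the first assertion actually depend on _restore_stat. The mtime assertion is only meaningful if tt_open/tt_close write to the key, which this hunk does not show. As a style point, the `$tomb_key` expansions are unquoted while the helpers added in the @@ -4 hunk quote `"$1"`; `"$tomb_key"` at the call sites keeps them consistent.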
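Review bot: `typeset -A TOMBFILESSTAT` in the tomb @@ -107 hunk is declared without the `-H` flag that the neighbouring `TOMBTMPFILES` and `TOMBLOOPDEVS` declarations carry; unless that difference is intended, `typeset -AH TOMBFILESSTAT` keeps the new global consistent with its siblings. Its comment also understates the contents: `_track_stat` stores `%X:%Y`, so `# Keep track of access and modification times of tracked files` describes the value more accurately.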
@@ -132,6 +133,9 @@ $msg # Cleanup anything sensitive before exiting. _endgame() { + # Restore access time of sensitive files + [[ -z $TOMBFILESSTAT ]] || _restore_stat + # Prepare some random material to overwrite vars local rr="$RANDOM" while [[ ${#rr} -lt 500 ]]; do @@ -185,6 +189,27 @@ _is_found() { return $? } +# Track acces and modification time of tomb files. +# $1: file to track +# date format: seconds since Epoch +# stat format: : +_track_stat() { + local file="$1" + local stat=$(stat --format="%X:%Y" "$file") + TOMBFILESSTAT+=("$file" "$stat") +} + +# Restore files stats +_restore_stat() { + local file stat + for file stat in "${(@kv)TOMBFILESSTAT}"; do + stats=("${(@s.:.)stat}") + _verbose "Restoring access and modification time for ::1 file::" $file + [[ -z "${stats[1]}" ]] || touch -a --date="@${stats[1]}" "$file" + [[ -z "${stats[2]}" ]] || touch -m --date="@${stats[1]}" "$file" + done +} + # Identify the running user # Set global variables _UID, _GID, _TTY, and _USER, either from the # command line, -U, -G, -T, respectively, or from the environment. @@ -947,6 +972,7 @@ _load_key() { else _verbose "load_key argument: ::1 key file::" $keyfile [[ -r $keyfile ]] || _failure "Key not found, specify one using -k." + _track_stat "$keyfile" TOMBKEYFILE=$keyfile TOMBKEY="${mapfile[$TOMBKEYFILE]}" fi @@ -1930,6 +1956,8 @@ mount_tomb() { # this also calls _plot() is_valid_tomb $tombpath + _track_stat "$tombpath" + _load_key # Try loading new key from option -k and set TOMBKEYFILE tombmount="$2" From 2f3826d88d9d4d73e772751a2ef058b870e69017 Mon Sep 17 00:00:00 2001 From: Alexandre Pujol Date: Mon, 24 Sep 2018 12:58:51 +0100 Subject: [PATCH 2/2] Fix modification time restoration. --- tomb | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/tomb b/tomb index 51672f7..7612c0b 100755 --- a/tomb +++ b/tomb 
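Review bot: In `_track_stat` (the @@ -185 hunk) `local stat=$(stat --format="%X:%Y" "$file")` hides the exit status of stat, so an unreadable or vanished path is silently entered into TOMBFILESSTAT with an empty value; splitting the declaration, `local file="$1" stat` followed by `stat=$(stat --format="%X:%Y" "$file") || return 1`, makes the failure visible and keeps the entry out of the table. In `_restore_stat` the array `stats` is assigned without being declared, so it leaks as a global after the loop; `local file stat stats` fixes that. Naming the variable `stat` after the command it captures is legal in zsh but easy to misread, so a name such as `times` would help. Worth documenting above `_restore_stat` is that `touch -a`/`touch -m` themselves update the inode ctime, which cannot be reset from userspace, so the restored timestamps do not fully hide that the file was touched; a one-line comment such as `# Note: ctime is updated by touch itself and cannot be restored` records that limitation. Both functions are fully inside the hunk.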
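Review bot: `_track_stat "$tombpath"` in the @@ -1930 hunk runs only after `is_valid_tomb $tombpath`, whose comment says it also calls `_plot()`; if that validation reads the tomb file, the timestamps captured here are already the post-read values and the later restore preserves the trace rather than removing it. Moving the call up so that `_track_stat "$tombpath"` precedes `is_valid_tomb $tombpath`, once the path is known to exist, captures the original times. Whether is_valid_tomb reads the file cannot be confirmed from this hunk, and mount_tomb continues outside it on both sides.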
@@ -206,7 +206,7 @@ _restore_stat() {
 stats=("${(@s.:.)stat}")
 _verbose "Restoring access and modification time for ::1 file::" $file
 [[ -z "${stats[1]}" ]] || touch -a --date="@${stats[1]}" "$file"
-[[ -z "${stats[2]}" ]] || touch -m --date="@${stats[1]}" "$file"
+[[ -z "${stats[2]}" ]] || touch -m --date="@${stats[2]}" "$file"
 done
 }