Track access/modification time of sensitive files

Collects the stats of tomb keys and tomb files then restore them when
Tomb exits. Can be extended to any file opened by Tomb. See #266
This commit is contained in:
Alexandre Pujol 2018-09-23 22:21:05 +01:00
parent cdd3c5804a
commit aaa4637ed0
No known key found for this signature in database
GPG Key ID: C5469996F0DF68EC
2 changed files with 40 additions and 0 deletions

View File

@ -4,6 +4,9 @@ export test_description="Testing common operations on tomb"
source ./setup
_getaccess() { stat --format=%X "$1"; }
_getmodif() { stat --format=%Y "$1"; }
test_export "test" # Using already generated tomb
test_expect_success 'Testing open with wrong password ' '
test_must_fail tt_open --tomb-pwd wrongpassword
@ -21,6 +24,15 @@ test_expect_success 'Testing open in read only mode' '
chmod +w $tomb
'
test_expect_success 'Testing tomb files stat restoration' '
access=$(_getaccess $tomb_key) &&
modif=$(_getmodif $tomb_key) &&
tt_open --tomb-pwd $DUMMYPASS &&
tt_close &&
[[ "$access" == "$(_getaccess $tomb_key)" ]] &&
[[ "$modif" == "$(_getmodif $tomb_key)" ]]
'
if test_have_prereq LSOF; then
gcc -Wall -o $TMP/close_block $TEST_HOME/close_block.c
test_expect_success 'Testing functionality of the slam operation (use of lsof)' '

28
tomb
View File

@ -107,6 +107,7 @@ typeset -H TOMBTMP # Filename of secure temp just created (see _tmp_create()
typeset -aH TOMBTMPFILES # Keep track of temporary files
typeset -aH TOMBLOOPDEVS # Keep track of used loop devices
typeset -A TOMBFILESSTAT # Keep track of access date attributes
# Make sure sbin is in PATH (man zshparam)
path+=( /sbin /usr/sbin )
@ -132,6 +133,9 @@ $msg
# Cleanup anything sensitive before exiting.
_endgame() {
# Restore access time of sensitive files
[[ -z $TOMBFILESSTAT ]] || _restore_stat
# Prepare some random material to overwrite vars
local rr="$RANDOM"
while [[ ${#rr} -lt 500 ]]; do
@ -185,6 +189,27 @@ _is_found() {
return $?
}
# Track acces and modification time of tomb files.
# $1: file to track
# date format: seconds since Epoch
# stat format: <last access>:<last modified>
_track_stat() {
local file="$1"
local stat=$(stat --format="%X:%Y" "$file")
TOMBFILESSTAT+=("$file" "$stat")
}
# Restore files stats
_restore_stat() {
local file stat
for file stat in "${(@kv)TOMBFILESSTAT}"; do
stats=("${(@s.:.)stat}")
_verbose "Restoring access and modification time for ::1 file::" $file
[[ -z "${stats[1]}" ]] || touch -a --date="@${stats[1]}" "$file"
[[ -z "${stats[2]}" ]] || touch -m --date="@${stats[1]}" "$file"
done
}
# Identify the running user
# Set global variables _UID, _GID, _TTY, and _USER, either from the
# command line, -U, -G, -T, respectively, or from the environment.
@ -947,6 +972,7 @@ _load_key() {
else
_verbose "load_key argument: ::1 key file::" $keyfile
[[ -r $keyfile ]] || _failure "Key not found, specify one using -k."
_track_stat "$keyfile"
TOMBKEYFILE=$keyfile
TOMBKEY="${mapfile[$TOMBKEYFILE]}"
fi
@ -1930,6 +1956,8 @@ mount_tomb() {
# this also calls _plot()
is_valid_tomb $tombpath
_track_stat "$tombpath"
_load_key # Try loading new key from option -k and set TOMBKEYFILE
tombmount="$2"