Track access/modification time of sensitive files

Collects the stats of tomb keys and tomb files then restore them when Tomb exits. Can be extended to any file opened by Tomb. See #266
2024-11-05 21:07:58 +00:00 · 2018-09-23 22:21:05 +01:00 · 2018-09-23 22:21:05 +01:00 · aaa4637ed0
commit aaa4637ed0
parent cdd3c5804a
2 changed files with 40 additions and 0 deletions
--- a/extras/test/10_operations.sh
+++ b/extras/test/10_operations.sh
@ -4,6 +4,9 @@ export test_description="Testing common operations on tomb"

 source ./setup

+_getaccess() { stat --format=%X "$1"; }
+_getmodif() { stat --format=%Y "$1"; }
+
 test_export "test" # Using already generated tomb
 test_expect_success 'Testing open with wrong password ' '
    test_must_fail tt_open --tomb-pwd wrongpassword
@ -21,6 +24,15 @@ test_expect_success 'Testing open in read only mode' '
    chmod +w $tomb
    '

+test_expect_success 'Testing tomb files stat restoration' '
+    access=$(_getaccess $tomb_key) &&
+    modif=$(_getmodif $tomb_key) &&
+    tt_open --tomb-pwd $DUMMYPASS &&
+    tt_close &&
+    [[ "$access" == "$(_getaccess $tomb_key)" ]] &&
+    [[ "$modif" == "$(_getmodif $tomb_key)" ]]
+    '
+
 if test_have_prereq LSOF; then
    gcc -Wall -o $TMP/close_block $TEST_HOME/close_block.c
    test_expect_success 'Testing functionality of the slam operation (use of lsof)' '
--- a/28
+++ b/28
@ -107,6 +107,7 @@ typeset -H TOMBTMP			  # Filename of secure temp just created (see _tmp_create()

 typeset -aH TOMBTMPFILES	  # Keep track of temporary files
 typeset -aH TOMBLOOPDEVS	  # Keep track of used loop devices
+typeset -A TOMBFILESSTAT      # Keep track of access date attributes

 # Make sure sbin is in PATH (man zshparam)
 path+=( /sbin /usr/sbin )
@ -132,6 +133,9 @@ $msg
 # Cleanup anything sensitive before exiting.
 _endgame() {

+	# Restore access time of sensitive files
+    [[ -z $TOMBFILESSTAT ]] || _restore_stat
+
 	# Prepare some random material to overwrite vars
 	local rr="$RANDOM"
 	while [[ ${#rr} -lt 500 ]]; do
@ -185,6 +189,27 @@ _is_found() {
 	return $?
 }

+# Track acces and modification time of tomb files.
+# $1: file to track
+# date format: seconds since Epoch
+# stat format: <last access>:<last modified>
+_track_stat() {
+    local file="$1"
+    local stat=$(stat --format="%X:%Y" "$file")
+    TOMBFILESSTAT+=("$file" "$stat")
+}
+
+# Restore files stats
+_restore_stat() {
+    local file stat
+    for file stat in "${(@kv)TOMBFILESSTAT}"; do
+        stats=("${(@s.:.)stat}")
+        _verbose "Restoring access and modification time for ::1 file::" $file
+        [[ -z "${stats[1]}" ]] || touch -a --date="@${stats[1]}" "$file"
+        [[ -z "${stats[2]}" ]] || touch -m --date="@${stats[1]}" "$file"
+    done
+}
+
 # Identify the running user
 # Set global variables _UID, _GID, _TTY, and _USER, either from the
 # command line, -U, -G, -T, respectively, or from the environment.
@ -947,6 +972,7 @@ _load_key() {
 	else
 		_verbose "load_key argument: ::1 key file::" $keyfile
 		[[ -r $keyfile ]] || _failure "Key not found, specify one using -k."
+		_track_stat "$keyfile"
 		TOMBKEYFILE=$keyfile
 		TOMBKEY="${mapfile[$TOMBKEYFILE]}"
 	fi
@ -1930,6 +1956,8 @@ mount_tomb() {
 	# this also calls _plot()
 	is_valid_tomb $tombpath

+	_track_stat "$tombpath"
+
 	_load_key # Try loading new key from option -k and set TOMBKEYFILE

 	tombmount="$2"