safe

Password protected secret keeper

commit 813084d053bc475fecc17656d1c9de39a0d3ff3d
parent acc0b2109c065f82169563f5390b2d316372e336
Author: Willy Goiffon <dev@z3bra.org>
Date:   Thu, 27 Jun 2019 15:45:47 +0200

Deny coredumps to protect sensitive data

Diffstat:
safe-agent.c | 7+++++++
safe.c | 7+++++++
2 files changed, 14 insertions(+), 0 deletions(-)

diff --git a/safe-agent.c b/safe-agent.c
@@ -1,3 +1,4 @@
+#include <sys/resource.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/types.h>
@@ -218,6 +219,7 @@ main(int argc, char *argv[])
 int timeout, fd, dflag;
 size_t dirlen;
 char path[PATH_MAX] = SOCKDIR;
+ struct rlimit rlim;
 pid = getpid();
@@ -249,6 +251,11 @@ main(int argc, char *argv[])
 sockp = path;
 }
+ /* deny core dump as memory contains derivated key */
+ rlim.rlim_cur = rlim.rlim_max = 0;
+ if (setrlimit(RLIMIT_CORE, &rlim) < 0)
+ err(1, "setrlimit RLIMIT_CORE");
+
 if (dflag) {
 printf("SAFE_PID=%d; export SAFE_PID\n", pid);
 printf("SAFE_SOCK=%s; export SAFE_SOCK\n", sockp);
diff --git a/safe.c b/safe.c
@@ -1,3 +1,4 @@
+#include <sys/resource.h>
 #include <sys/socket.h>
 #include <sys/stat.h>
 #include <sys/types.h>
@@ -383,6 +384,7 @@ main(int argc, char *argv[])
 int fd, haskey = 0, hasmaster = 1, aflag = 0, pflag = 0;
 char *secret = NULL, *sockp = NULL, *safe = SAFE;
 struct safe s;
+ struct rlimit rlim;
 safe = getenv("SAFE_DIR");
 sockp = getenv("SAFE_SOCK");
@@ -409,6 +411,11 @@ main(int argc, char *argv[])
 sodium_mlock(s.key, sizeof(s.key));
+ /* deny core dump as memory contains passwords and keys */
+ rlim.rlim_cur = rlim.rlim_max = 0;
+ if (setrlimit(RLIMIT_CORE, &rlim) < 0)
+ err(1, "setrlimit RLIMIT_CORE");
+
 if (!safe)
 safe = SAFE;
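Review bot: Zeroing `RLIMIT_CORE` in the block added before `if (dflag)` in safe-agent.c may not cover every dump path on Linux. When `kernel.core_pattern` pipes to a handler, the kernel does not apply the core size limit to the pipe, and a same-user debugger can still attach to the agent while it holds the derived key. Calling `prctl(PR_SET_DUMPABLE, 0)` from `<sys/prctl.h>` under `#ifdef __linux__`, next to the `setrlimit` call, would address both; the identical block added to safe.c needs the same treatment. The comment has a typo: `derivated` should read `derived`. main's body starts and ends outside the hunk.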
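Review bot: In safe.c the core limit is applied only after `sodium_mlock(s.key, sizeof(s.key))`, some way into main, so everything above that point runs with core dumps still permitted. Nothing visible in the hunks handles a secret before the `setrlimit` call, but main starts and ends outside the hunk, so the code in between should be checked. Making the `setrlimit` block the first statement of main would keep the ordering obviously safe against later edits that read a password or key earlier.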