LeChatP / RootAsRole

A memory-safe and security-oriented alternative to sudo/su commands
https://lechatp.github.io/RootAsRole/
GNU General Public License v3.0

Please push this to cargo crates.io #58

Open berkus opened 1 month ago

berkus commented 1 month ago

I want to be able to install this with just cargo binstall rootasrole.

LeChatP commented 1 month ago

Hey, thanks for the request and for showing interest in the tool! I can definitely add this crate to crates.io (and I think I will).

However, you won’t be able to install RootAsRole with cargo install or even cargo binstall in the way you might expect. The main reason is that installing it requires administrative privileges. While you can technically run cargo install as root, it will compile the program as root with all privileges, and that is quite "insecure" since you don’t need root permissions just to compile something. And if you do install it as root, the binary will end up in the /root/.cargo folder, which means only the root user can access it.

Also, RootAsRole depends on a config file located at /etc/security/rootasrole.json, and that file needs to be deployed with certain verifications to lock it with the IMMUTABLE bit for security reasons (which again requires a specific privilege). So, the install process is a bit more involved than a typical Rust crate. That's why installing RaR with cargo install may mislead and be inconsistent.

For now, I've written the installation program entirely in Rust through an xtask sub-project which handles all the subtleties of the installation, as well as respecting the principle of least privilege by itself.

Let me know if you have more questions or if you have a good solution to this! Cheers, Eddie

berkus commented 1 month ago

Since it is an xtask already, can it be set up to require sudo/elevated privileges only for the installation bit itself?

e.g. cargo install runs as a normal user building a binary, but the post-build xtask will ask for elevation and then MOVE the binary and the corresponding config file to the right places?

LeChatP commented 1 month ago

The current xtask program manages dependency installation, building, installing, and configuring. When executing cargo xtask install -bip sudo, it installs dependencies, builds and installs by using sudo (or sr if it is already installed 😜) only when needed.

I've just searched a bit, and it seems that it's not possible to modify the behaviour of the cargo install command; it seems that cargo install is reserved for unprivileged binaries that have no other use cases that go outside the user scope.

I think that the last alternative is to request publishing the package on official OS repositories.

LeChatP commented 1 month ago

RootAsRole is now published on crates.io. Some adjustments were made to make it possible. I think that was necessary to claim the name on the platform. However, as it is not possible to install RootAsRole with the cargo install command, I disabled it in build.rs.

Note to myself: If I run cargo build in the build.rs, it creates a deadlock as cargo is already building the project. I think this can be bypassed, but I think it may create unexpected behaviors.