Closed stridge-cruxml closed 1 year ago
Built with:
./configure --with-audit --disable-shared --without-rpm --prefix=/usr --with-deb
Thanks for the patch. I'll try to look at it soon.
OK, had a chance to look it over. Overall it's in pretty good shape. Matches the project's coding style. But I do have a couple minor suggestions.
That's it. Clean those up and we can merge it.
@stridge-cruxml were you going to update the patch or shall we clean it up? Thanks again for the contribution.
@stevegrubb Sorry, I missed your feedback! I am unable to work on this in the next month, but I do need this functionality in the next 3 months and I will work on it more if it is still needed then. You are more than welcome to take over though!
I don't know if dpkg has metadata for initial screening or not.
I have had a look and as far as I can tell it does not. I agree it is inefficient and should be improved. filter_check() is a good start though and should be easy enough to implement.
For your other comments, I will fix them when I get a chance (unless you have already done it).
I am going to merge this and start fixing it. Looks like Fedora has a dpkg-devel which might be usable to at least check the compilation.
It seems that libdpkg links against MD5Init, MD5Update, and MD5Final. I don't think they are in openssl. Wonder what library provides that? Would it be libbsd?
Also, it now complains of multiple definitions of the symbol "debug". Looking with readelf, it sure looks like libdpkg indeed has a global function named "debug". That really should be name spaced to not collide with user programs.
Actually, it seems to be libmd. (Added detection to configure.ac) Only have the multiple definitions of debug left to fix and it's ready for testing.
This allows fapolicyd to read the md5 hashes from dpkg as a trust source. Add a deb_test binary to run the backend standalone for debugging.
Fixes #218
The approach used is to look at the md5 hashes from dpkg, verify they match then compute the sha256sum on the files again. This means fapolicyd is still using sha256 internally/everywhere else.
Unfortunately this means when running with debdb backend, this is only going to be secured with md5 which is still better than nothing. This is still a WIP. See the TODOs.
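The approach in the description above (check each file against the md5 recorded by dpkg, then compute its sha256 for the trust database), as an added Python example that is not the PR's code or fapolicyd's own. `hash_file`, `build_trust_entries` and `demo` are hypothetical names, the sample files are constructed, and the input is assumed to be in the `<md5>  <relative path>` form of dpkg's `.md5sums` files.

```python
import hashlib
import os
import re
import tempfile

MD5SUMS_LINE = re.compile(r"^([0-9a-f]{32})  (.+)$")  # "<md5>  <path relative to root>"

def hash_file(path):
    """Read the file once; return (md5_hex, sha256_hex, size)."""
    md5 = hashlib.md5(usedforsecurity=False)  # only compared with dpkg's record
    sha256, size = hashlib.sha256(), 0
    with open(path, "rb") as fh:
        for chunk in iter(lambda: fh.read(65536), b""):
            md5.update(chunk)
            sha256.update(chunk)
            size += len(chunk)
    return md5.hexdigest(), sha256.hexdigest(), size

def build_trust_entries(md5sums_text, root="/"):
    """Return (trusted, rejected); trusted maps relative path -> (size, sha256_hex)."""
    trusted, rejected = {}, []
    for line in md5sums_text.splitlines():
        m = MD5SUMS_LINE.match(line)
        if not m:
            continue  # malformed line: no entry is created for it
        recorded_md5, rel = m.groups()
        try:
            md5_hex, sha256_hex, size = hash_file(os.path.join(root, rel))
        except OSError:
            rejected.append((rel, "unreadable"))
            continue
        if md5_hex != recorded_md5:
            rejected.append((rel, "md5 mismatch"))  # on-disk content differs from the package
        else:
            trusted[rel] = (size, sha256_hex)
    return trusted, rejected

def demo():
    """Constructed sample: one intact file, one changed after install, one missing."""
    files = {"usr/bin/good": b"#!/bin/sh\necho ok\n", "usr/bin/changed": b"original\n"}
    md5sums = "".join(f"{hashlib.md5(d, usedforsecurity=False).hexdigest()}  {p}\n"
                      for p, d in files.items())
    md5sums += "0" * 32 + "  usr/bin/gone\n"
    with tempfile.TemporaryDirectory() as root:
        os.makedirs(os.path.join(root, "usr/bin"))
        for p, d in files.items():
            with open(os.path.join(root, p), "wb") as fh:
                fh.write(d + (b"tampered\n" if p.endswith("changed") else b""))
        return build_trust_entries(md5sums, root)
```

Only files whose content still matches the md5 recorded by dpkg receive a sha256 entry, so the resulting trust list is only as strong as that md5 comparison, as the description notes.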