Three Vulnerabilities in Journald Forward Secure Log Sealing

kastel-security/Journald

This repository contains the accompanying code for the publication "Secure Logging in between Theory and Practice: Security Analysis of the Implementation of Forward Secure Log Sealing in Journald" (in this repository or on eprint). For details on the individual vulnerabilities and theoretical background we refer to the publication. The three vulnerabilities mentioned are:

This vulnerability allows forging arbitrary logs and is caused by a missing check. A patch suggestion is available in `CVE-2023-31439.patch`.

This vulnerability allows unnoticed truncation of logs. It can be partly mitigated by `CVE-2023-31438-incomplete.patch`.

This vulnerability allows hiding some log entries from log output displayed using filters like `journalctl -u "systemd-*.service"`.

This project can be built and imported into an IDE as a regular Gradle project.

The attack described in the publication can be reproduced by running `Attacker.main`. To use a different systemd implementation as the target, adjust `JournalSystem#createInstance` and provide the path to the desired build directory there.
