-
-
Notifications
You must be signed in to change notification settings - Fork 208
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
Try to make sudo less vulnerable to ROWHAMMER attacks.
We now use ROWHAMMER-resistent values for ALLOW, DENY, AUTH_SUCCESS, AUTH_FAILURE, AUTH_ERROR and AUTH_NONINTERACTIVE. In addition, we explicitly test for expected values instead of using a negated test against an error value. In the parser match functions this means explicitly checking for ALLOW or DENY instead of accepting anything that is not set to UNSPEC. Thanks to Andrew J. Adiletta, M. Caner Tol, Yarkin Doroz, and Berk Sunar, all affiliated with the Vernam Applied Cryptography and Cybersecurity Lab at Worcester Polytechnic Institute, for the report. Paper preprint: https://arxiv.org/abs/2309.02545
- Loading branch information
Showing
6 changed files
with
96 additions
and
54 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
|
|
@@ -19,12 +19,12 @@ | |
| #ifndef SUDO_AUTH_H | ||
| #define SUDO_AUTH_H | ||
|
|
||
| /* Auth function return values. */ | ||
| #define AUTH_SUCCESS 0 | ||
| #define AUTH_FAILURE 1 | ||
| #define AUTH_INTR 2 | ||
| #define AUTH_ERROR 3 | ||
| #define AUTH_NONINTERACTIVE 4 | ||
| /* Auth function return values (rowhammer resistent). */ | ||
This comment has been minimized.
Sorry, something went wrong.
This comment has been minimized.
Sorry, something went wrong.
millert
Author
Collaborator
|
||
| #define AUTH_SUCCESS 0x52a2925 /* 0101001010100010100100100101 */ | ||
| #define AUTH_FAILURE 0xad5d6da /* 1010110101011101011011011010 */ | ||
| #define AUTH_INTR 0x69d61fc8 /* 1101001110101100001111111001000 */ | ||
| #define AUTH_ERROR 0x1629e037 /* 0010110001010011110000000110111 */ | ||
| #define AUTH_NONINTERACTIVE 0x1fc8d3ac /* 11111110010001101001110101100 */ | ||
|
|
||
| typedef struct sudo_auth { | ||
| unsigned int flags; /* various flags, see below */ | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Makefile:
sudo_auth.h