Move processsecurity into submodule

Bernd Schoolmann 2023-08-24 03:22:03 +02:00
parent 81ec11a779
commit f8821f123d
No known key found for this signature in database
4 changed files with 21 additions and 7 deletions


@ -0,0 +1,8 @@
//go:build windows || darwin
package processsecurity
func DisableDumpale() error {
// no additional dumping protection
return nil
}
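Review bot: The stub is spelled `DisableDumpale`, but both call sites changed in this commit use `processsecurity.DisableDumpable()`, so windows and darwin builds will not find the symbol; rename it to `func DisableDumpable() error`. Because the stub returns nil, callers on these platforms cannot tell that no dump protection was applied. A doc comment such as `// DisableDumpable is a no-op on windows and darwin; the process remains dumpable.` would make that gap explicit to whoever audits the agent's memory protections.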


@ -0,0 +1,9 @@
//go:build linux || freebsd
package processsecurity
import "golang.org/x/sys/unix"
func DisableDumpable() error {
return unix.Prctl(unix.PR_SET_DUMPABLE, 0, 0, 0, 0)
}
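Review bot: The `freebsd` half of `//go:build linux || freebsd` looks wrong, because `unix.Prctl` and `unix.PR_SET_DUMPABLE` are, as far as I know, only defined for Linux in golang.org/x/sys/unix, so a FreeBSD build would fail on this file. Either narrow the tag to `//go:build linux` and give FreeBSD its own implementation or an explicit no-op stub, or confirm that the FreeBSD target actually compiles. Together with the windows/darwin file, the constraints also leave any other target (openbsd, for example) with no definition of the function at all. The exported function has no doc comment; something like `// DisableDumpable clears the process's dumpable flag so it produces no core dumps and cannot be ptrace-attached by unprivileged processes.` would record why it exists.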


@ -12,12 +12,12 @@ import (
"github.com/quexten/goldwarden/agent/bitwarden"
"github.com/quexten/goldwarden/agent/bitwarden/crypto"
"github.com/quexten/goldwarden/agent/config"
"github.com/quexten/goldwarden/agent/processsecurity"
"github.com/quexten/goldwarden/agent/sockets"
"github.com/quexten/goldwarden/agent/ssh"
"github.com/quexten/goldwarden/agent/vault"
"github.com/quexten/goldwarden/ipc"
"github.com/quexten/goldwarden/logging"
"golang.org/x/sys/unix"
)
const (
@ -93,10 +93,6 @@ func serveAgentSession(c net.Conn, ctx context.Context, vault *vault.Vault, cfg
}
}
func disableDumpable() error {
return unix.Prctl(unix.PR_SET_DUMPABLE, 0, 0, 0, 0)
}
type AgentState struct {
vault *vault.Vault
config *config.ConfigFile
@ -144,7 +140,7 @@ func StartUnixAgent(path string, runtimeConfig config.RuntimeConfig) error {
}
}
disableDumpable()
processsecurity.DisableDumpable()
if !runtimeConfig.WebsocketDisabled {
go bitwarden.RunWebsocketDaemon(ctx, vault, &cfg)
}
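Review bot: The error returned by `processsecurity.DisableDumpable()` is dropped at the call in StartUnixAgent, so if the prctl call fails the agent keeps running with vault material in a process that can still be core-dumped or attached to, and nothing is logged. Since StartUnixAgent returns `error`, handle it with `if err := processsecurity.DisableDumpable(); err != nil { return err }`, or log a warning if the hardening is meant to be best-effort. The same unchecked call is added in StartVirtualAgent in the next file; that function does not appear to return an error, so logging is the likely option there. Both function bodies start and end outside the hunks shown.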


@ -11,6 +11,7 @@ import (
"github.com/quexten/goldwarden/agent/bitwarden"
"github.com/quexten/goldwarden/agent/bitwarden/crypto"
"github.com/quexten/goldwarden/agent/config"
"github.com/quexten/goldwarden/agent/processsecurity"
"github.com/quexten/goldwarden/agent/sockets"
"github.com/quexten/goldwarden/agent/vault"
"github.com/quexten/goldwarden/ipc"
@ -111,7 +112,7 @@ func StartVirtualAgent(runtimeConfig config.RuntimeConfig) (chan []byte, chan []
}
}
}
disableDumpable()
processsecurity.DisableDumpable()
go func() {
for {
time.Sleep(TokenRefreshInterval)