Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Allow probing destructive methods when running unprivileged #141

Open
mrc0mmand opened this issue Jan 29, 2024 · 2 comments
Open

Allow probing destructive methods when running unprivileged #141

mrc0mmand opened this issue Jan 29, 2024 · 2 comments

Comments

@mrc0mmand
Copy link
Member

mrc0mmand commented Jan 29, 2024

I think it would be great if it was possible to skip destructive methods when dfuzzer is privileged enough to actually call them and call them when it's unprivileged. It should make it possible to poke all those polkit/dbus rules.

Originally posted by @evverx in #140 (comment)

@mrc0mmand
Copy link
Member Author

(Just filing it as a new issue, so it won't get lost)

One potential solution could be, maybe, introducing "destruct-ability levels", that would be paired with a corresponding dfuzzer option. I.e. you would have levels 0 and 1 defined as "always destructive" and "destructive when privileged", then some kind of tag that could be used in the suppression file, and then by running dfuzzer --level=1 you'd run only "destructive when privileged" methods + any untagged methods. Similarly, --level=0 would run all methods from the previous case + "always destructive" ones. Or something like that. Just an idea I got after reading #140 (comment).

@evverx
Copy link
Member

evverx commented Jan 29, 2024

I'd go with something like

methodA destructive
methodB alwaysdestructive

and run methodA in unprivileged mode. In privileged mode they both would be skipped. The modes could be detected automatically depending on whether dfuzzer is run as root or not.

--level=0 would run all methods from the previous case + "always destructive" ones

Having thought about this I think it can't be covered because if all the methods were allowed in privileged mode dfuzzer would just reboot the machine before it could reach the other methods.

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Labels
None yet
Projects
None yet
Development

No branches or pull requests

2 participants