Hostname related information leaked from inxi, modprobe.d, systemd-analyze, dev and debs logs #145

Open
m7a opened this issue Dec 18, 2022 · 0 comments


Hello,

I am running Debian 11 Bullseye and to avoid using an outdated version have cloned the most recent git commit (ec3483d) to my local machine and invoked the script as follows:

./hw-probe.pl -all -save /tmp/probe9

The intention behind using -save rather than upload was to act as a pre-flight to find out if any interesting information uniquely identifying my system would be leaked. Using a grep with parts of my hostname and e-mail address over the resulting hw.info directory reported occurrences of sensitive information in the following logs:

  • inxi: Includes file system labels. On my system, file system labels also contain the hostname (or a variation thereof) and hence should not appear in the output. I'd go as far as suggesting to not include file system labels at all in the outputs independently of whether they contain sensitive information or not. One can work around this by using -log-level minimal.
  • modprobe.d: Includes file names. On my system, some self-created files exist there. These include the "organization" name (masysma). Not sure how this issue would best be solved, probably by supplying custom strings to cross out of the logs -- a similar thing seems to be proposed in Add exceptions or hide some information #80 already? Alternatively, I saw that I can disable this info by reducing the log level (which is an acceptable workaround I guess).
  • systemd-analyze: Similar to the modprobe case, there are some custom units defined here. I can work around this with -log-level minimal.
  • dev: This seems to be the most critical, since there is no easy way to work around the info appearing in the log. -disable dev did not have any effect when tested here? The device subtrees by-id and by-label both contain hostname information. Interestingly this is not only due to the fact that I prefer to name my HDDs according to the host name, but also may be the default of mdadm-based RAIDs on Debian?
  • debs: I have a lot of custom packages installed that all appear in the list, including one that directly contains the hostname (since it is a host-specific config package). I can work around this by using -log-level minimal.

In summary: Some care is needed when running this tool on a heavily customized system.
The dev output should probably be filtered more aggressively?

In the meantime, I can probably work around the issues by using a long command line like the following:

./hw-probe.pl -log-level minimal -disable dev -enable amixer,aplay,arecord,boot_efi,cpuid,dkms_status,efibootmgr,efivar,fdisk,input_devices,ioports,iostat,iwconfig,nmcli,smart-log,uptime,vainfo,vdpauinfo,vulkaninfo,xdpyinfo,xinput

And then editing dev by hand in the output, as suggested in #80?

Thanks in advance
Linux-Fan, Ma_Sys.ma
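
The pre-flight check described in the issue (grepping the saved probe for parts of the hostname and e-mail address) can be scripted so it is repeatable before every upload. This is an added example, not part of the original post or of hw-probe; the function name `scan_probe` and its output format are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: scan a saved probe directory for identifying strings
# before uploading it.
#
# scan_probe DIR TOKEN...
#   DIR    directory to scan recursively (e.g. the saved hw.info directory)
#   TOKEN  strings that must not leak: hostname parts, user name,
#          e-mail address, organization name, ...
# Prints one line per hit: <file><TAB><token><TAB><matching line count>
# Returns 0 if clean, 1 if any token was found, 2 on usage error.
scan_probe() {
    [ "$#" -ge 2 ] || { echo "usage: scan_probe DIR TOKEN..." >&2; return 2; }
    sp_dir=$1
    shift
    [ -d "$sp_dir" ] || { echo "not a directory: $sp_dir" >&2; return 2; }

    sp_found=0
    for sp_token in "$@"; do
        # An empty token would match every line of every file.
        [ -n "$sp_token" ] || continue

        # -r recurse, -i ignore case (labels are often upper-cased),
        # -l list matching files, -F treat the token as a fixed string.
        sp_hits=$(grep -rilF -- "$sp_token" "$sp_dir" |
            while IFS= read -r sp_file; do
                sp_n=$(grep -icF -- "$sp_token" "$sp_file")
                printf '%s\t%s\t%s\n' "$sp_file" "$sp_token" "$sp_n"
            done)

        if [ -n "$sp_hits" ]; then
            printf '%s\n' "$sp_hits"
            sp_found=1
        fi
    done
    return "$sp_found"
}

# When run as a script, pass the arguments straight through, e.g.:
#   ./scan_probe.sh /path/to/hw.info "$(hostname)" "$USER"
if [ "$#" -gt 0 ]; then
    scan_probe "$@"
fi
```

The match is case-insensitive and literal, so variations of a hostname have to be passed as separate tokens (for example the short name and any prefix used in file system labels).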
