# from sources using libcfgrpt.a
$ strings src/lib/process/cfgrpt/.libs/libcfgrpt.a | sed -n 's/;;;; //p'
-- ``-X`` - As of Kea 3.0, disables secruity restrictions. The server will
+- ``-X`` - As of Kea 3.0, disables security restrictions. The server will
still check for violations but will emit warning logs when they are found
rather than fail with an error. Please see
:ref:`sec-kea-runtime-security-risk-checking` for details.
# from sources using libcfgrpt.a
$ strings src/lib/process/cfgrpt/.libs/libcfgrpt.a | sed -n 's/;;;; //p'
-- ``-X`` - As of Kea 3.0, disables secruity restrictions. The server will
+- ``-X`` - As of Kea 3.0, disables security restrictions. The server will
still check for violations but will emit warning logs when they are found
rather than fail with an error. Please see
:ref:`sec-kea-runtime-security-risk-checking` for details.
# from sources using libcfgrpt.a
$ strings src/lib/process/cfgrpt/.libs/libcfgrpt.a | sed -n 's/;;;; //p'
-- ``-X`` - As of Kea 3.0, disables secruity restrictions. The server will
+- ``-X`` - As of Kea 3.0, disables security restrictions. The server will
still check for violations but will emit warning logs when they are found
rather than fail with an error. Please see
:ref:`sec-kea-runtime-security-risk-checking` for details.
# from sources using libcfgrpt.a
$ strings src/lib/process/cfgrpt/.libs/libcfgrpt.a | sed -n 's/;;;; //p'
-- ``-X`` - As of Kea 3.0, disables secruity restrictions. The server will
+- ``-X`` - As of Kea 3.0, disables security restrictions. The server will
still check for violations but will emit warning logs when they are found
rather than fail with an error. Please see
:ref:`sec-kea-runtime-security-risk-checking` for details.
components.
The three primary Kea daemons (:iscman:`kea-dhcp4`, :iscman:`kea-dhcp6` and :iscman:`kea-dhcp-ddns`) all support a control
-channel, which is implemented as a UNIX socket. The control channel, which opens a UNIX socket, is disabled by default;
+channel, which is implemented as a UNIX socket. The control channel, which opens a UNIX socket, is disabled by default.
.. _sec-kea-runtime-security-risk-checking:
==================================
Runtime security risk checking was initially added to Kea daemons :iscman:`kea-dhcp4`,
-:iscman:`kea-dhcp6`, :iscman:`kea-dhcp-ddns`, :iscman:`kea-ctrl-agent`. in 2.7.9.
-In Kea 3.0 additional checks were added. By default, when a daemon detects a security
-risk it emits an error log and exits. The following checks are performed:
+:iscman:`kea-dhcp6`, :iscman:`kea-dhcp-ddns`, :iscman:`kea-ctrl-agent`. in Kea 2.7.9
+release. In Kea 3.0 additional checks were added. By default, when a daemon detects
+a security risk it emits an error log and exits. The following checks are performed:
- Use of unsupported file paths or permissions as detailed in :ref:`sec-summary-of-path-restrictions`
LOG_WARN(dhcp4_logger, DHCP4_DEVELOPMENT_VERSION);
}
- if (amRoot()) {
+ if (amRunningAsRoot()) {
LOG_WARN(dhcp4_logger, DHCP4_ROOT_USER_SECURITY_WARN);
}
LOG_WARN(dhcp6_logger, DHCP6_DEVELOPMENT_VERSION);
}
- if (amRoot()) {
+ if (amRunningAsRoot()) {
LOG_WARN(dhcp6_logger, DHCP6_ROOT_USER_SECURITY_WARN);
}
namespace {
/// @brief Test fixture for testing commands for the host-cache library
-//class CommandTest : public ::testing::Test {
class CommandTest : public LogContentTest {
public:
/// @brief Constructor
try {
filename = CfgMgr::instance().validatePath(file->stringValue());
} catch (const SecurityWarn& ex) {
- LOG_WARN(lease_cmds_logger, LEASE_CMDS_PATH_SECURITY_WARNING)
+ LOG_WARN(lease_cmds_logger, LEASE_CMDS_PATH_SECURITY_WARN)
.arg(ex.what());
filename = file->stringValue();
} catch (const std::exception& ex) {
extern const isc::log::MessageID LEASE_CMDS_LEASES6_COMMITTED_FAILED = "LEASE_CMDS_LEASES6_COMMITTED_FAILED";
extern const isc::log::MessageID LEASE_CMDS_LEASES6_COMMITTED_LEASE_ERROR = "LEASE_CMDS_LEASES6_COMMITTED_LEASE_ERROR";
extern const isc::log::MessageID LEASE_CMDS_LOAD_ERROR = "LEASE_CMDS_LOAD_ERROR";
-extern const isc::log::MessageID LEASE_CMDS_PATH_SECURITY_WARNING = "LEASE_CMDS_PATH_SECURITY_WARNING";
+extern const isc::log::MessageID LEASE_CMDS_PATH_SECURITY_WARN = "LEASE_CMDS_PATH_SECURITY_WARN";
extern const isc::log::MessageID LEASE_CMDS_RESEND_DDNS4 = "LEASE_CMDS_RESEND_DDNS4";
extern const isc::log::MessageID LEASE_CMDS_RESEND_DDNS4_FAILED = "LEASE_CMDS_RESEND_DDNS4_FAILED";
extern const isc::log::MessageID LEASE_CMDS_RESEND_DDNS6 = "LEASE_CMDS_RESEND_DDNS6";
"LEASE_CMDS_LEASES6_COMMITTED_FAILED", "reason: %1",
"LEASE_CMDS_LEASES6_COMMITTED_LEASE_ERROR", "evaluating binding-variables for lease: %1 for: %2, reason: %3",
"LEASE_CMDS_LOAD_ERROR", "loading Lease Commands hooks library failed: %1",
- "LEASE_CMDS_PATH_SECURITY_WARNING", "lease file path specified is NOT SECURE: %1",
+ "LEASE_CMDS_PATH_SECURITY_WARN", "lease file path specified is NOT SECURE: %1",
"LEASE_CMDS_RESEND_DDNS4", "lease4-resend-ddns command successful: %1",
"LEASE_CMDS_RESEND_DDNS4_FAILED", "lease4-resend-ddns command failed: %1",
"LEASE_CMDS_RESEND_DDNS6", "lease6-resend-ddns command successful: %1",
extern const isc::log::MessageID LEASE_CMDS_LEASES6_COMMITTED_FAILED;
extern const isc::log::MessageID LEASE_CMDS_LEASES6_COMMITTED_LEASE_ERROR;
extern const isc::log::MessageID LEASE_CMDS_LOAD_ERROR;
-extern const isc::log::MessageID LEASE_CMDS_PATH_SECURITY_WARNING;
+extern const isc::log::MessageID LEASE_CMDS_PATH_SECURITY_WARN;
extern const isc::log::MessageID LEASE_CMDS_RESEND_DDNS4;
extern const isc::log::MessageID LEASE_CMDS_RESEND_DDNS4_FAILED;
extern const isc::log::MessageID LEASE_CMDS_RESEND_DDNS6;
The lease6-wipe command has failed. Both the reason as well as the
parameters passed are logged.
-% LEASE_CMDS_PATH_SECURITY_WARNING lease file path specified is NOT SECURE: %1
+% LEASE_CMDS_PATH_SECURITY_WARN lease file path specified is NOT SECURE: %1
This warning message is issued when security enforcement is disabled
and the path portion of the `filename` parameter of the lease4-write
or lease6-write command does not comply with the supported path. The
"}";
std::ostringstream os;
- os << "LEASE_CMDS_PATH_SECURITY_WARNING lease file path specified is NOT SECURE:"
+ os << "LEASE_CMDS_PATH_SECURITY_WARN lease file path specified is NOT SECURE:"
<< " invalid path specified: '/tmp', supported path is '"
<< CfgMgr::instance().getDataDir() << "'";
} else {
secret = getString(key_config, "secret");
if (file::PathChecker::shouldEnforceSecurity()) {
- isc_throw(D2CfgError, "use of clear text TSIG 'secret' is NOT SECURE ("
+ isc_throw(D2CfgError, "use of clear text TSIG 'secret' is NOT SECURE"
<< " (" << getPosition("secret", key_config)
<< ")");
} else {
EXPECT_EQ(data::prettyPrint(cfg.toElement()), exp_cfg);
}
-} // Anonymous namespae
+} // Anonymous namespace
file::PathChecker::enableEnforcement(true);
}
- /// @brief Desstructor.
+ /// @brief Destructor.
virtual ~BasicHttpAuthConfigTest() {
file::PathChecker::enableEnforcement(true);
}
LOG_WARN(dctl_logger, DCTL_DEVELOPMENT_VERSION);
}
- if (file::amRoot()) {
+ if (file::amRunningAsRoot()) {
LOG_WARN(dctl_logger, DCTL_ROOT_USER_SECURITY_WARN)
.arg(app_name_);
}
#include <dirent.h>
#include <fcntl.h>
+#include <unistd.h>
using namespace isc;
using namespace isc::util::str;
}
}
-bool amRoot() {
+bool amRunningAsRoot() {
return (getuid() == 0 || geteuid() == 0);
}
isc::Exception(file, line, what) {}
};
-/// @brief A generic exception that is thrown if a parameter given
-/// violates security check but enfordement is lax.
-
/// @brief Get the content of a regular file.
///
/// @param file_name The file name.
/// @return True if either the uid or the effective
/// uid is root.
bool
-amRoot();
+amRunningAsRoot();
/// @brief Paths on a filesystem
struct Path {
/// @return validated path as a string (supported path + input file name)
///
/// @throw BadValue if the input path does not include a file name.
- /// SecurityError if the parent path does not path the supported path and
+ /// @trhow SecurityError if the parent path does not path the supported path and
/// security is being enforced, SecurityWarn if it is not being enforced.
std::string validatePath(const std::string input_path_str,
bool enforce_path = shouldEnforceSecurity()) const;
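Review bot: The added comment line `/// @trhow SecurityError if the parent path does not path the supported path and` misspells the Doxygen command, so the SecurityError condition of validatePath will most likely not be rendered as a throw entry. It should read `/// @throw SecurityError if the parent path does not match the supported path and`; "does not path" looks like a slip for "does not match", though that wording is carried over from the old line. Because this comment is the caller-facing contract for when a bad path fails hard and when it only warns, SecurityWarn would be clearer on its own line, for example `/// @throw SecurityWarn if the path does not match and security is not being enforced.` The enclosing class or struct begins outside this hunk.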