Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

How to pause to avoid capturing passwords? #216

Open
MatthieuStigler opened this issue May 14, 2020 · 9 comments
Open

How to pause to avoid capturing passwords? #216

MatthieuStigler opened this issue May 14, 2020 · 9 comments

Comments

@MatthieuStigler
Copy link

Hi

I would like to avoid to capture my passwords in the logfile. One strategy would be to pause logkeys for a bit. Have you considered adding a -pause option? Or do you have any script to recommend to stop, wait a bit and restart (using previously selected device, possibly manually inputted)?

Thanks!
@kernc
Copy link
Owner

kernc commented May 14, 2020

What happens if you killall -STOP logkeys and killall -CONT logkeys afterwards? Does it get the events it missed?

@MatthieuStigler
Copy link
Author

Thanks for your quick answer!

This is a good idea, although the issue is that I start logkeys with sudo, so to killall I also need sudo, so the sudo password will be stored in the logfile (making it extremely easy to detect for someone who could have access to the log file).

I realize the same problem would happen if logkey had a --pause option but was started in sudo, so I guess the question is actually: what is the recommended way to use logkey in a secure way?

Thanks a lot!

@kernc
Copy link
Owner

kernc commented May 15, 2020

Does the above sudo killall ... method work without logging your password characters, or do they backfill when the process is resumed?

@MatthieuStigler
Copy link
Author

doing the first sudo killall -STOP already enters the password into the log, so it seems dangeous to use that approach?

Thanks!

@mFIND
Copy link

mFIND commented May 19, 2020

My take at this issue would be to create new script, /usr/local/etc/logkeys-pause.sh doing $(kilall -STOP logkeys), and a new program, let's say "llkp" with the same permissions as "llkk".
Would this approach be acceptable?

@kernc
Copy link
Owner

kernc commented May 19, 2020

The problem with shell scripts is that they can't setuid, so sudo password would still be required.

@MatthieuStigler
Copy link
Author

it seems hence that using the method with sudo is difficult? Another approach would maybe try to not use sudo but yet to write to an encrypted file? do you have any recommendation or suggestions about this approach instead?

thanks a lot!

@kernc
Copy link
Owner

kernc commented May 20, 2020
edited
Loading

to write to an encrypted file?

Something like:

$ sudo logkeys ... -o - | mcrypt --force --flush > logkeys.log

$ cat logkeys.log | mcrypt --decrypt

@mFIND
Copy link

mFIND commented May 20, 2020
edited by kernc
Loading

I know that scripts can't use setuid, that's why I suggested writing new setuid'ed program in C:
That way, the script won't need setuid, since llkp would have UID=0.

#include <cstdlib>
#include <unistd.h>

int main() {
  setuid(0);
  exit(system(SYS_CONF_DIR "/logkeys-pause.sh"));  // SYS_CONF_DIR defined in CXXFLAGS in Makefile.am
}

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@MatthieuStigler @kernc @mFIND