logo logo

 Back to main page

The NWNX Community Forum

 FAQFAQ   SearchSearch   MemberlistMemberlist   UsergroupsUsergroups   RegisterRegister 
 ProfileProfile   Log in to check your private messagesLog in to check your private messages   Log inLog in 
 
nwnx_security: seccomp framework, gff validator

 
Post new topic   Reply to topic    nwnx.org Forum Index -> Linux development
View previous topic :: View next topic  
Author Message
elven



Joined: 28 Jul 2006
Posts: 259
Location: Germany

PostPosted: Fri Mar 25, 2016 19:39    Post subject: nwnx_security: seccomp framework, gff validator Reply with quote

Hi,

due to recent events, I'm here to present a experimental plugin that has features I will eventually merge into nwnx2-linux upstream.

In it's current state, it adds protection against:

* malicious character files uploaded on creation for servervaults only
* basic ptrace or execve-based shellcode exploits

Please note that this code is experimental and hasn't seen huge amounts of testing. Regardless, it has helped curtailing some prickly asshat trying to crash popular servers by uploading broken bic files.

All features are optional and can be turned off in the ini.

The sourcecode can be found here: https://code.silm.pw/projects/NWNX/repos/security/browse

A prebuilt release can be found here:
https://n.e-ix.net/nwnx2-linux/nwnx_security_1.zip
MD5 5a4732a03c787f724b22fc72bbf66455
SHA256 c86d1b4e232c6aea04694e17619c19714b31418131d18c9d036853dcfce54537

The zip file includes the default configuration options. I'd suggest you peruse them before running the plugin (but best build it from source!)

To build, you need libseccomp2-dev installed. To use the seccomp code, you need libseccomp2 installed.

This plugin is temporary and all it's functionality will eventually be merged into nwnx2-linux core, probably in modified form (with pluginlink hooks).

I don't plan on publishing a windows port myself.
_________________
silm.pw, a player-driven Forgotten Realms NWN1 persistent world for tinkerers.
Back to top
View user's profile Send private message
ShaDoOoW



Joined: 20 Aug 2005
Posts: 561

PostPosted: Sat Mar 26, 2016 10:21    Post subject: Reply with quote

I was trying to fix this in my nwnx_patch plugin but with no success to make it global (I have working method but it requires some local adjustions which isnt very good).

I dont understand the code much, could you pm me a details how this works? I wasnt able to use anything on the CRes structure to check its validity without causing nwn server to crash.
_________________
Community Patch / NWNX Patch / NWNX Files / NWNX Connect
Back to top
View user's profile Send private message
elven



Joined: 28 Jul 2006
Posts: 259
Location: Germany

PostPosted: Sat Mar 26, 2016 14:14    Post subject: Reply with quote

ShaDoOoW wrote:
I was trying to fix this in my nwnx_patch plugin but with no success to make it global (I have working method but it requires some local adjustions which isnt very good).

I dont understand the code much, could you pm me a details how this works? I wasnt able to use anything on the CRes structure to check its validity without causing nwn server to crash.


This works by hooking the file upload the player client does when creating a new character. It parses the raw byte stream as gff and checks if it is to spec - that is, offsets are correct, within bounds, field types have sane values, and so on.

It doesn't go through resman, which would be needed to check all gff data coming into nwserver. Just calling CRes is not going to work, resman is a bit more complicated than that. Additionally, hooking the relevant resman functions in a second plugin will walk over nwnx_resman (and break it).

I was thinking about injecting pluginlink events into core, so that the fix would happen there, and resman might use them, but that's for the future.

The goal for this fix was to stop user-facing exploits related to uploading broken characters, and that's working (barring any bugs). Next step will be localvault characters, though I don't think there's (m)any servers left using it?
_________________
silm.pw, a player-driven Forgotten Realms NWN1 persistent world for tinkerers.
Back to top
View user's profile Send private message
Display posts from previous:   
Post new topic   Reply to topic    nwnx.org Forum Index -> Linux development All times are GMT + 2 Hours
Page 1 of 1

 
Jump to:  
You cannot post new topics in this forum
You cannot reply to topics in this forum
You cannot edit your posts in this forum
You cannot delete your posts in this forum
You cannot vote in polls in this forum


Powered by phpBB © 2001, 2005 phpBB Group