Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Move scary $PATH clipboard utility scan out of init() to as-needed #63

Open
tstromberg opened this issue May 18, 2022 · 0 comments · May be fixed by #64
Open

Move scary $PATH clipboard utility scan out of init() to as-needed #63

tstromberg opened this issue May 18, 2022 · 0 comments · May be fixed by #64

Comments

@tstromberg
Copy link

tstromberg commented May 18, 2022
edited
Loading

A concerned user reported that one of our security tools was scanning for clipboard programs:

694472 newfstatat(AT_FDCWD, "/home/n/.go/bin/xclip", 0xc0001ab968, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/home/n/.go/bin/xclip", 0xc0002fc448, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/home/n/.local/bin/xclip", 0xc0002fc6b8, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/home/n/bin/xclip", 0xc0002fc788, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/home/n/.cargo/bin/xclip", 0xc0002fc858, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/usr/local/bin/xclip", 0xc0002fc928, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/usr/local/sbin/xclip", 0xc0002fc9f8, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/usr/bin/xclip", 0xc0002fcac8, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/usr/sbin/xclip", 0xc0002fcb98, 0) = -1 ENOENT (No such file or directory)
694472 newfstatat(AT_FDCWD, "/home/n/.go/bin/xsel", 0xc0002fcc68, 0) = -1 ENOENT (No such file or directory)

Since our program does nothing with the clipboard, I was concerned that this might be a supply-chain security attack, so we dug into the dependencies and found this library:

$ go mod graph | egrep -i 'clip|chirp'
x.dev/xctl github.com/atotto/[email protected]
github.com/charmbracelet/[email protected] github.com/atotto/[email protected]

On investigation, we saw that the clipboard library causes a filesystem scan to occur on import:

https://github.com/atotto/clipboard/blob/master/clipboard_unix.go#L51-L97

It would be preferable if this filesystem scan was done as needed rather than at import, not only for binary startup performance but because it's less scary for users when they see this in system call traces.

PS - thank you for the fantastic robust library you have put together.
@tstromberg tstromberg changed the title Move scary $PATH clipboard utility scan from import to as-needed Move scary $PATH clipboard utility scan out of init() to as-needed May 18, 2022
@tstromberg tstromberg linked a pull request May 18, 2022 that will close this issue
Open
@raymonstah raymonstah mentioned this issue Mar 21, 2023
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

Successfully merging a pull request may close this issue.

unix: move clipboard utility discovery out of init() tstromberg/clipboard
1 participant
@tstromberg