Commit Graph

5 Commits

Author SHA1 Message Date
Paul Spooren
29e7087cb5 docs(mem): fix docstring warnings
Signed-off-by: Paul Spooren <mail@aparcar.org>
2024-11-08 11:17:43 +01:00
Karolin Varner
53e560191f feat(API): Close API connections after error 2024-08-19 00:31:01 +02:00
Karolin Varner
48f7ff93e3 chore(API, AppServer): Deal with CryptoServer being uninit.
Before this, we would just raise an error.
2024-08-16 08:34:07 +02:00
Karolin Varner
6d47169a5c feat: Set CLOEXEC flag on claimed fds and mask them
Masking the file descriptors (by replaying them with a file descriptor pointing towards /dev/null)
mitigates use after free (on file descriptor) attacks. In case some
piece of code still holds a reference to the file descriptor, that
file descriptor now merely holds a reference to /dev/null.

Otherwise, the file descriptor might be reused and the reference
could now mistakenly point to all sorts of – potentially more harmful – files, such as memfd_secret
file descriptors, storing our secret keys.
2024-08-05 16:16:09 +02:00
Karolin Varner
86300ca936 chore: Use naming scheme without rosenpass- for crates 2023-11-26 10:38:24 +01:00