This repository has been archived by the owner on Nov 9, 2018. It is now read-only.
Possible DOS due to blocking network handling #14
Assignees
Labels
Projects
Comments
|
Hi @jaseg, Thanks for submitting an issue, this has been put into the roadmap. Again thanks for taking the time to contribute to USB Canary. |
errbufferoverfl
added
the
up next
Sign up for free
to subscribe to this conversation on GitHub.
Already have an account?
Sign in.
Since all message sending is done in a blocking manner, inlined with the actual detection logic and since that is running in an infinite loop (side note: a delay or even better, some asynchronous notification systems such as inotify might be in order here), an attacker able to disrupt usb-canary may be able to stall it, preventing detection.
Expected Behavior
usb-canary should operate and correctly log regardless of network conditions that might make the message sending code block.
Current Behavior
usb-canary will hang during bad network conditions.
Possible Solution
Handle message sending asynchronously, ideally with one asynchronous channel for every configured message channel.
Steps to Reproduce (for bugs)
Context
usb-canary at least on first glance looks like a security tool. Thus it should be secure.
Your Environment
This will likely affect all supported operating systems.
The text was updated successfully, but these errors were encountered: