
Comments (6)

hvhaugwitz avatar hvhaugwitz commented on July 22, 2024

As said above, if someone has root access to the server, they don't need to know the database or signing password; they can simply alter other parts of the OS (like your shell or the kernel) to hide their activities and replace the aide binary to generate forged reports.

from aide.

hvhaugwitz avatar hvhaugwitz commented on July 22, 2024

if the application gets full access to the server through the vulnerability, then this application will be able to update the AIDE database and write new files to the system as if they were always there.

I'm sorry, but I cannot follow. What application or vulnerability are you talking about?

Please add password protection when updating the database

If this issue is actually about adding password protection for the AIDE database please adjust the issue title accordingly.


OmlineEditor avatar OmlineEditor commented on July 22, 2024

I'm sorry, but I cannot follow. What application or vulnerability are you talking about?

  1. the program checked the system and wrote all the data to a file
  2. a virus entered the system through a vulnerability and gained full access to the system
  3. the virus has written itself into the system files: /usr/bin/virus
  4. the virus sees the aide program in the system
  5. there is no password in the system for writing data to the aide database file, so the virus runs a system check and records the data; it does not block the sending of the data by mail, and the user does not learn anything
  6. the virus is in the system, but it will not be possible to find out about it: it has become legitimate, and the data about it has already been recorded in the aide database file

a similar situation applies to the tripwire program, except that a password is required, and entering it is required to write data to the file, so the virus will not be able to get beyond the 5th point

If this issue is actually about adding password protection for the AIDE database please adjust the issue title accordingly.

this is the vulnerability; it is equivalent to having an account without a password. I don't understand how you haven't implemented protection yet, as in the similar tripwire program


hvhaugwitz avatar hvhaugwitz commented on July 22, 2024

  1. the program checked the system and wrote all the data to a file
  2. a virus entered the system through a vulnerability and gained full access to the system
  3. the virus has written itself into the system files: /usr/bin/virus
  4. the virus sees the aide program in the system
  5. there is no password in the system for writing data to the aide database file, so the virus runs a system check and records the data; it does not block the sending of the data by mail, and the user does not learn anything
  6. the virus is in the system, but it will not be possible to find out about it: it has become legitimate, and the data about it has already been recorded in the aide database file

a similar situation applies to the tripwire program, except that a password is required, and entering it is required to write data to the file, so the virus will not be able to get beyond the 5th point

A password protection of the database simply gives you a false sense of security. If an experienced attacker has full (aka root) access to the machine, they can for example simply exchange the binary to generate a new database file and forged reports; or they exchange your $SHELL binary, the kernel or some libraries to rig the behaviour of the tool.

Apart from that, there is an open feature request for database and configuration signing (see #7); but this feature also won't help you entirely with this attack vector.

If this issue is actually about adding password protection for the AIDE database please adjust the issue title accordingly.

this is the vulnerability; it is equivalent to having an account without a password. I don't understand how you haven't implemented protection yet, as in the similar tripwire program

Your title suggests that there is a vulnerability (within AIDE) that gives you full access to a machine. This is plain wrong and misleading. Hence I changed the issue title now.

Additionally I close this issue as wontfix (in favour of #7).

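The following is an added toy model, not code from AIDE or from either participant, that walks through the six-step scenario above and the maintainer's two replies to it. A dict stands in for the filesystem, a hash map stands in for aide.db, and a detached HMAC with a key that (by assumption) lives only on the admin's workstation stands in for the database signing requested in #7; a detached GnuPG or minisign signature would play the same role. Four scenarios are run: the database is rewritten with no off-host anchor at all; the same rewrite against a signed baseline verified from the admin host; the attacker additionally replaces the scanner; and the compromised disk scanned by a clean tool booted from trusted media.

```python
"""Added example: why a rewritable baseline is no baseline, what an off-host
signature does catch, and why it stops helping once the scanner itself lies.
All data here is constructed; nothing touches a real disk."""
import hashlib
import hmac
import json
from typing import Callable, Dict, List

FileSystem = Dict[str, bytes]   # path -> contents; constructed stand-in for a disk
Database = Dict[str, str]       # path -> sha256 hex digest; stand-in for aide.db


def scan(fs: FileSystem, hide: Callable[[str], bool] = lambda path: False) -> Database:
    """Hash every file. `hide` lets a scenario model a trojaned scanner that skips paths."""
    return {p: hashlib.sha256(c).hexdigest() for p, c in sorted(fs.items()) if not hide(p)}


def sign(db: Database, key: bytes) -> bytes:
    """Detached MAC over the canonical encoding of the database (assumption: stands in
    for a real detached signature such as GnuPG/minisign)."""
    return hmac.new(key, json.dumps(db, sort_keys=True).encode(), "sha256").digest()


def verify(db: Database, sig: bytes, key: bytes) -> bool:
    return hmac.compare_digest(sign(db, key), sig)


def diff(baseline: Database, current: Database) -> Dict[str, List[str]]:
    """What an integrity report would list: added, removed and changed entries."""
    return {
        "added": sorted(set(current) - set(baseline)),
        "removed": sorted(set(baseline) - set(current)),
        "changed": sorted(p for p in baseline.keys() & current.keys() if baseline[p] != current[p]),
    }


# Constructed clean system and attacker payload.
CLEAN_FS: FileSystem = {
    "/bin/sh": b"sh-binary-v1",
    "/usr/bin/aide": b"aide-binary-v1",
    "/etc/passwd": b"root:x:0:0:root:/root:/bin/sh\n",
}
ADMIN_KEY = b"assumption: lives on the admin workstation, never on the server"
MALWARE_PATH, MALWARE_BODY = "/usr/bin/virus", b"malware"


def scenario_unsigned_rewrite() -> Dict[str, List[str]]:
    """Steps 1-6 of the thread: root drops a file, re-runs the update, next check is clean."""
    fs = dict(CLEAN_FS)
    scan(fs)                                   # step 1: clean baseline written to the db
    fs[MALWARE_PATH] = MALWARE_BODY            # steps 2-3: attacker with root drops the file
    rewritten = scan(fs)                       # step 5: attacker re-runs the update, no password needed
    return diff(rewritten, scan(fs))           # step 6: the next check compares against the rewritten db


def scenario_signed_baseline():
    """Same attack, but the admin holds a signature over the original baseline off-host."""
    fs = dict(CLEAN_FS)
    baseline = scan(fs)
    sig = sign(baseline, ADMIN_KEY)            # created on, and kept on, the admin host
    fs[MALWARE_PATH] = MALWARE_BODY
    rewritten = scan(fs)                       # attacker rewrites the db but has no key
    return verify(rewritten, sig, ADMIN_KEY), diff(baseline, rewritten)


def scenario_trojaned_scanner():
    """The maintainer's point: root also replaces the scanner, so the on-host scan lies."""
    fs = dict(CLEAN_FS)
    baseline = scan(fs)
    sig = sign(baseline, ADMIN_KEY)
    fs[MALWARE_PATH] = MALWARE_BODY
    fs["/usr/bin/aide"] = b"aide-binary-trojaned"
    # Trojaned scanner: skips its payload and reports the old hash for its own binary.
    current = scan(fs, hide=lambda p: p == MALWARE_PATH)
    current["/usr/bin/aide"] = baseline["/usr/bin/aide"]
    return verify(baseline, sig, ADMIN_KEY), diff(baseline, current)


def scenario_offline_scan():
    """Same compromised disk, scanned by a clean tool from trusted media with the signed baseline."""
    fs = dict(CLEAN_FS)
    baseline = scan(fs)
    sig = sign(baseline, ADMIN_KEY)
    fs[MALWARE_PATH] = MALWARE_BODY
    fs["/usr/bin/aide"] = b"aide-binary-trojaned"
    return verify(baseline, sig, ADMIN_KEY), diff(baseline, scan(fs))


if __name__ == "__main__":
    print("unsigned rewrite:", scenario_unsigned_rewrite())
    print("signed baseline: ", scenario_signed_baseline())
    print("trojaned scanner:", scenario_trojaned_scanner())
    print("offline scan:    ", scenario_offline_scan())
```

The first scenario reproduces the complaint: nothing is reported. The second shows what signing buys: the rewritten database fails verification and the honest diff lists /usr/bin/virus. The third shows why the maintainer says signing "won't help entirely": the baseline still verifies, yet the report is clean because the scanner on the box now lies. Only the fourth, where both the scanner and the comparison run from something the attacker could not touch, surfaces both the dropped file and the replaced binary; a password prompt on the host changes none of these outcomes.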

OmlineEditor avatar OmlineEditor commented on July 22, 2024

there is another attack vector. If two people have access to the server, then one of them can install a malicious program and go unnoticed, because the program can record data without knowing the password. I agree that it should be possible to sign the settings file and the database, as you said in ticket #7

I ask you to take into account an attack vector where the password protects not only against an attack from outside, but also against an attack when several legitimate users have access to the server.


OmlineEditor avatar OmlineEditor commented on July 22, 2024

but this is much more difficult to do if there is a password for protection. Extra steps for a hacker, especially a poorly prepared one, will serve as an obstacle
