Fix 12 security findings from adversarial audit
CRITICAL: - #1+#2: Consistency proof verification no longer a stub — implements actual hash chain reconstruction from proof hashes, rejects proofs that don't reconstruct to the expected root. GossipNode._verify_consistency now calls verify_consistency_proof() instead of just checking sizes. - #3: Remove passphrase.lower() from KDF — was silently discarding case entropy from mixed-case passphrases. Passphrases are now case-sensitive as users would expect. - #4: Federation gossip now applies record_filter (trust store check) on every received record before appending to the log. Untrusted attestor fingerprints are rejected with a warning. - #5: Killswitch disables all logging BEFORE activation to prevent audit log from recording killswitch activity that could survive an interrupted purge. Audit log destruction moved to position 4 (right after keys + flask secret, before other data). HIGH: - #6: CSRF exemption narrowed from entire dropbox blueprint to only the upload view function. Admin routes retain CSRF protection. - #7: /health endpoint returns only {"status":"ok"} to anonymous callers. Full operational report requires authentication. - #8: Metadata stripping now reconstructs image from pixel data only (Image.new + putdata), stripping XMP, IPTC, and ICC profiles — not just EXIF. - #9: Same as #6 (CSRF scope fix). MEDIUM: - #11: Receipt HMAC key changed from public upload token to server-side secret key, making valid receipts unforgeable by the source or anyone who captured the upload URL. - #12: Docker CMD no longer defaults to --no-https. HTTPS with self-signed cert is the default; --no-https requires explicit opt-in. - #14: shred return code now checked — non-zero exit falls through to the zero-overwrite fallback instead of silently succeeding. Co-Authored-By: Claude Opus 4.6 (1M context) <noreply@anthropic.com>
This commit is contained in:
Aaron D. Lee
@@ -121,8 +121,11 @@ def create_app(config: SoosefConfig | None = None) -> Flask:
|
||||
app.register_blueprint(dropbox_bp)
|
||||
app.register_blueprint(federation_bp)
|
||||
|
||||
# Exempt drop box upload from CSRF (sources don't have sessions)
|
||||
csrf.exempt(dropbox_bp)
|
||||
# Exempt only the source-facing upload route from CSRF (sources don't have sessions).
|
||||
# The admin and verify-receipt routes in the dropbox blueprint retain CSRF protection.
|
||||
from frontends.web.blueprints.dropbox import upload as dropbox_upload
|
||||
|
||||
csrf.exempt(dropbox_upload)
|
||||
|
||||
# ── Context processor (injected into ALL templates) ───────────
|
||||
|
||||
@@ -237,9 +240,15 @@ def create_app(config: SoosefConfig | None = None) -> Flask:
|
||||
def health():
|
||||
"""System health and capability report.
|
||||
|
||||
Unauthenticated — returns what's installed, what's missing,
|
||||
and what's degraded. No secrets or key material exposed.
|
||||
Anonymous callers get only {"status": "ok"} — no operational
|
||||
intelligence. Authenticated users get the full report.
|
||||
"""
|
||||
# Anonymous callers get minimal response to prevent info leakage
|
||||
# (deadman status, key presence, memory, etc. are operational intel)
|
||||
if not auth_is_authenticated():
|
||||
from flask import jsonify
|
||||
return jsonify({"status": "ok", "version": __import__("soosef").__version__})
|
||||
|
||||
import platform
|
||||
import sys
|
||||
|
||||
|
||||
@@ -235,12 +235,16 @@ def upload(token):
|
||||
except Exception:
|
||||
pass # Attestation is best-effort; don't fail the upload
|
||||
|
||||
# Receipt code derived from file hash via HMAC — the source can
|
||||
# independently verify their receipt corresponds to specific content
|
||||
# Receipt code derived from file hash via HMAC with a server-side
|
||||
# secret. The source cannot pre-compute this (the token alone is
|
||||
# insufficient), making valid receipts unforgeable.
|
||||
import hmac
|
||||
|
||||
from soosef.paths import SECRET_KEY_FILE
|
||||
|
||||
server_secret = SECRET_KEY_FILE.read_bytes() if SECRET_KEY_FILE.exists() else token.encode()
|
||||
receipt_code = hmac.new(
|
||||
token.encode(), sha256.encode(), hashlib.sha256
|
||||
server_secret, sha256.encode(), hashlib.sha256
|
||||
).hexdigest()[:16]
|
||||
|
||||
receipts.append({
|
||||
|
||||
Reference in New Issue
Block a user