nimforum mirror - Automated Nim Packages Security Audit

juancarlospaco (orginal) [2020-04-26T03:28:10+02:00] view original

https://github.com/juancarlospaco/nim_packages_security_audit#fully-automated-nim-packages-security-audit

Examples:

https://github.com/juancarlospaco/nim_packages_security_audit/blob/master/z/zip.log

https://github.com/juancarlospaco/nim_packages_security_audit/blob/master/s/sass.log

https://github.com/juancarlospaco/nim_packages_security_audit/blob/master/w/webgui.log

More fresh data coming up everyday.

Araq (orginal) [2020-04-26T11:34:29+02:00] view original

How does it work? And what does it do?

Yardanico (orginal) [2020-04-26T19:32:58+02:00] view original

Seems like it's a python script which uses "ptrace" python module to trace different syscalls when installing packages, and it tracks how the package creates/removes directories, changes permissions, deletes and renames stuff https://github.com/juancarlospaco/nim_packages_security_audit/blob/master/z/zip.log

Seems okay but I don't feel like it's that useful, a malicious actor can always check if it's being run under some tool like this

federico3 (orginal) [2020-04-27T14:39:36+02:00] view original

malicious actor can always check if it's being run under some tool like this

Yes, or simply leave a vulnerability around that can be later exploited.

juancarlospaco (orginal) [2020-04-30T17:33:40+02:00] view original

I agree, a malicious actor can always just kick your door and hit you with a huge wrench.

juancarlospaco (orginal) [2020-06-08T13:59:52+02:00] view original

Help Wanted

If you develop some kind of library that does Plotting, Charts, Visualizations, etc on Nim, would be nice to have some cool visualizations with the dataset of those audit logs!.

Theres lots of data now... :)

Mirror of forum.nim-lang.org

6257 :: Automated Nim Packages Security Audit