yoohoo

internal/security/privileges.go

@@ -0,0 +1,249 @@
+package security
+
+import (
+	"fmt"
+	"os"
+	"os/exec"
+	"syscall"
+
+	"git.gostacks.org/iwasforcedtobehere/WiseTLP/autotlp/pkg/utils"
+)
+
+// PrivilegeManager handles privilege escalation and security operations
+type PrivilegeManager struct {
+	logger *utils.Logger
+}
+
+// NewPrivilegeManager creates a new privilege manager
+func NewPrivilegeManager(logger *utils.Logger) *PrivilegeManager {
+	return &PrivilegeManager{
+		logger: logger.WithComponent("security"),
+	}
+}
+
+// RequireRoot ensures the current operation has root privileges
+func (pm *PrivilegeManager) RequireRoot(operation string) error {
+	if os.Geteuid() == 0 {
+		return nil
+	}
+
+	pm.logger.Info("Root privileges required", "operation", operation)
+	return fmt.Errorf("operation '%s' requires root privileges", operation)
+}
+
+// EscalateIfNeeded escalates privileges if not already running as root
+func (pm *PrivilegeManager) EscalateIfNeeded(args []string, operation string) error {
+	if os.Geteuid() == 0 {
+		return nil
+	}
+
+	pm.logger.Info("Escalating privileges", "operation", operation)
+
+	// Check if sudo is available
+	if !utils.CommandExists("sudo") {
+		return fmt.Errorf("sudo is required for privilege escalation but not available")
+	}
+
+	// Inform user about privilege escalation
+	fmt.Printf("\nPrivilege escalation required for: %s\n", operation)
+	fmt.Println("This operation needs administrative privileges to:")
+
+	switch operation {
+	case "install_tlp":
+		fmt.Println("- Install TLP packages using system package manager")
+		fmt.Println("- Enable and start TLP systemd service")
+		fmt.Println("- Mask conflicting power management services")
+	case "apply_config":
+		fmt.Println("- Write TLP configuration to system directories")
+		fmt.Println("- Reload TLP service with new configuration")
+	case "system_info":
+		fmt.Println("- Access hardware information from system files")
+		fmt.Println("- Read power management settings")
+	default:
+		fmt.Printf("- Perform system operation: %s\n", operation)
+	}
+
+	if !utils.GetUserConfirmation("Continue with privilege escalation?") {
+		return fmt.Errorf("privilege escalation declined by user")
+	}
+
+	// Execute with sudo
+	return pm.executeSudo(args)
+}
+
+// executeSudo executes the current program with sudo
+func (pm *PrivilegeManager) executeSudo(args []string) error {
+	// Get current executable path
+	executable, err := os.Executable()
+	if err != nil {
+		return fmt.Errorf("failed to get executable path: %w", err)
+	}
+
+	// Prepare sudo command
+	sudoArgs := append([]string{executable}, args...)
+	cmd := exec.Command("sudo", sudoArgs...)
+
+	// Preserve environment variables that might be needed
+	cmd.Env = os.Environ()
+
+	// Connect stdio
+	cmd.Stdin = os.Stdin
+	cmd.Stdout = os.Stdout
+	cmd.Stderr = os.Stderr
+
+	pm.logger.Info("Executing with sudo", "command", cmd.String())
+
+	// Execute the command
+	err = cmd.Run()
+	if err != nil {
+		if exitError, ok := err.(*exec.ExitError); ok {
+			// Get exit code from the elevated process
+			if status, ok := exitError.Sys().(syscall.WaitStatus); ok {
+				os.Exit(status.ExitStatus())
+			}
+		}
+		return fmt.Errorf("sudo execution failed: %w", err)
+	}
+
+	// If we reach here, the elevated process completed successfully
+	os.Exit(0)
+	return nil // This line will never be reached
+}
+
+// CheckSudoAccess verifies that the user can use sudo
+func (pm *PrivilegeManager) CheckSudoAccess() error {
+	if os.Geteuid() == 0 {
+		return nil // Already root
+	}
+
+	if !utils.CommandExists("sudo") {
+		return fmt.Errorf("sudo command not available")
+	}
+
+	// Test sudo access with a harmless command
+	cmd := exec.Command("sudo", "-n", "true")
+	if err := cmd.Run(); err != nil {
+		// -n flag failed, user needs to authenticate
+		pm.logger.Debug("Sudo authentication required")
+		return nil // This is expected for most users
+	}
+
+	pm.logger.Debug("Sudo access confirmed without authentication")
+	return nil
+}
+
+// DropPrivileges drops root privileges if running as root
+func (pm *PrivilegeManager) DropPrivileges() error {
+	if os.Geteuid() != 0 {
+		return nil // Not running as root
+	}
+
+	// Get the original user info from environment
+	sudoUID := os.Getenv("SUDO_UID")
+	sudoGID := os.Getenv("SUDO_GID")
+
+	if sudoUID == "" || sudoGID == "" {
+		pm.logger.Warn("Cannot drop privileges: SUDO_UID/SUDO_GID not set")
+		return nil // Don't fail, just log warning
+	}
+
+	pm.logger.Info("Dropping root privileges", "uid", sudoUID, "gid", sudoGID)
+
+	// This is a placeholder - actual privilege dropping requires careful handling
+	// and is typically done at the start of the program, not mid-execution
+	pm.logger.Debug("Privilege dropping not implemented for mid-execution")
+
+	return nil
+}
+
+// ValidateSystemAccess validates that the program has necessary system access
+func (pm *PrivilegeManager) ValidateSystemAccess() error {
+	// Check read access to system information
+	systemPaths := []string{
+		"/proc/cpuinfo",
+		"/proc/meminfo",
+		"/sys/class/power_supply",
+		"/sys/devices/system/cpu",
+	}
+
+	for _, path := range systemPaths {
+		if utils.FileExists(path) {
+			// Try to read the file/directory
+			if file, err := os.Open(path); err != nil {
+				pm.logger.Warn("Limited access to system path", "path", path, "error", err)
+			} else {
+				file.Close()
+			}
+		}
+	}
+
+	return nil
+}
+
+// SecureFilePermissions sets secure permissions on configuration files
+func (pm *PrivilegeManager) SecureFilePermissions(filePath string) error {
+	// Set file permissions to be readable only by owner and group
+	if err := os.Chmod(filePath, 0640); err != nil {
+		return fmt.Errorf("failed to set secure permissions on %s: %w", filePath, err)
+	}
+
+	pm.logger.Debug("Set secure file permissions", "file", filePath, "mode", "0640")
+	return nil
+}
+
+// ValidateInput performs basic input validation for security
+func ValidateInput(input string, maxLength int, allowedChars string) error {
+	if len(input) > maxLength {
+		return fmt.Errorf("input too long: %d characters (max %d)", len(input), maxLength)
+	}
+
+	if len(input) == 0 {
+		return fmt.Errorf("input cannot be empty")
+	}
+
+	// Basic validation against null bytes and control characters
+	for i, r := range input {
+		if r == 0 {
+			return fmt.Errorf("null byte at position %d", i)
+		}
+		if r < 32 && r != 9 && r != 10 && r != 13 { // Allow tab, LF, CR
+			return fmt.Errorf("control character at position %d", i)
+		}
+	}
+
+	return nil
+}
+
+// SanitizeFilePath sanitizes file paths to prevent directory traversal
+func SanitizeFilePath(path string) (string, error) {
+	// Basic path validation
+	if path == "" {
+		return "", fmt.Errorf("empty path")
+	}
+
+	// Check for directory traversal attempts
+	if len(path) > 1 && (path[0] == '/' || path[1] == ':') {
+		// Absolute path - this might be intentional, so we allow it
+		// but log it for security awareness
+	}
+
+	// Check for dangerous patterns
+	dangerousPatterns := []string{
+		"../",
+		"..\\",
+		"./",
+		".\\",
+	}
+
+	for _, pattern := range dangerousPatterns {
+		if len(path) >= len(pattern) {
+			for i := 0; i <= len(path)-len(pattern); i++ {
+				if path[i:i+len(pattern)] == pattern {
+					return "", fmt.Errorf("potentially dangerous path pattern: %s", pattern)
+				}
+			}
+		}
+	}
+
+	return path, nil
+}