bwx-cli 2.3.1

Unofficial Bitwarden CLI with first-class macOS support
Documentation 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57

use crate::bin_error;

// Prevent other user processes from attaching to the bwx agent and dumping
// memory This is not perfect protection, but closes a door. Unfortunately,
// prctl only works on Linux.
#[cfg(target_os = "linux")]
pub fn disable_tracing() -> bin_error::Result<()> {
    // https://github.com/torvalds/linux/blob/v5.11/include/uapi/linux/prctl.h#L14
    const PR_SET_DUMPABLE: i32 = 4;

    // safe because it's just a raw call to prctl, and the arguments are
    // correct
    let ret = unsafe { libc::prctl(PR_SET_DUMPABLE, 0) };
    if ret == 0 {
        Ok(())
    } else {
        let e = std::io::Error::last_os_error();
        Err(bin_error::Error::msg(format!("failed to disable PTRACE_ATTACH, agent memory may be dumpable by other processes: {e}")))
    }
}

#[cfg(target_os = "macos")]
pub fn disable_tracing() -> bin_error::Result<()> {
    // safety: correct arguments to ptrace
    // https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man2/ptrace.2.html
    let ret = unsafe {
        libc::ptrace(libc::PT_DENY_ATTACH, 0, std::ptr::null_mut(), 0)
    };
    if ret != 0 {
        let e = std::io::Error::last_os_error();
        return Err(bin_error::Error::msg(format!(
            "failed to deny debugger attach, agent memory may be readable by other processes: {e}"
        )));
    }

    // disable core dumps
    let rlim = libc::rlimit {
        rlim_cur: 0,
        rlim_max: 0,
    };
    // safety: correct argument
    // https://developer.apple.com/library/archive/documentation/System/Conceptual/ManPages_iPhoneOS/man2/setrlimit.2.html
    let ret = unsafe { libc::setrlimit(libc::RLIMIT_CORE, &raw const rlim) };
    if ret != 0 {
        let e = std::io::Error::last_os_error();
        return Err(bin_error::Error::msg(format!(
            "failed to disable core dumps, agent memory may be dumped to disk: {e}"
        )));
    }

    Ok(())
}

#[cfg(not(any(target_os = "linux", target_os = "macos")))]
pub fn disable_tracing() -> bin_error::Result<()> {
    Err(bin_error::Error::msg("failed to disable PTRACE_ATTACH, agent memory may be dumpable by other processes: unimplemented on this platform"))
}