security: AT_EXECFN validation + audit.yml (#154, #155)

#154: Reject setuid multicall invocations where argv[0] doesn't match
AT_EXECFN from the ELF auxiliary vector. Prevents an attacker from
spoofing argv[0] to route the multicall binary to a different tool
in setuid context. Only enforced when euid != uid.

#155: Add daily cargo-audit workflow matching uutils/coreutils pattern.
Also triggers on Cargo.toml/Cargo.lock changes.

Fixes #154. Fixes #155.
This commit is contained in:
Pierre Warnier
2026-04-22 18:13:36 +02:00
parent 86af8fc45b
commit 4ecf63ec1f
4 changed files with 72 additions and 0 deletions
+2
View File
@@ -74,6 +74,8 @@ tempfile = "3"
[dependencies]
clap = { workspace = true }
clap_complete = { workspace = true, optional = true }
shadow-core = { path = "src/shadow-core" }
rustix = { workspace = true }
# Tool crates (optional, enabled by features)
passwd = { optional = true, version = "0.2.0", package = "uu_passwd", path = "src/uu/passwd" }