Possible DOS due to blocking network handling

[jaseg]

Since all message sending is done in a blocking manner, inlined with the actual detection logic and since that is running in an infinite loop (side note: a delay or even better, some asynchronous notification systems such as inotify might be in order here), an attacker able to disrupt usb-canary may be able to stall it, preventing detection.

• [ ] Feature Request
• [x] Bug Report

Expected Behavior

usb-canary should operate and correctly log regardless of network conditions that might make the message sending code block.

Current Behavior

usb-canary will hang during bad network conditions.

Possible Solution

Handle message sending asynchronously, ideally with one asynchronous channel for every configured message channel.

Steps to Reproduce (for bugs)

Context

usb-canary at least on first glance looks like a security tool. Thus it should be secure.

Your Environment

This will likely affect all supported operating systems.

[errbufferoverfl]

Hi @jaseg,

Thanks for submitting an issue, this has been put into the roadmap. Again thanks for taking the time to contribute to USB Canary.