Nathan N

There are many security related considerations in the tar archive format. I'm not a maintainer but I'd like to point that out for discussion.

Tar archives natively support being able to create symbolic links and block devices. Unix ZIP archives technically support that too, but the extract() function of Python's zipfile library (currently used...

Going to switch to `getauxval` of `AT_EXECFN` instead of using procfs, which should fix other issues too.

Notes: - apt cannot install packages when the `execvp` (6), `dlopen` (9), `fopen` (15), `fopen64` (16), and `__open64_2` (46) hooks are enabled (test case: `apt -y install sl && apt...

All `dlopen` exceptions are deleted. `execvp` exception narrowed to `/usr/bin/apt`.

The `execvp` issue may be identified. Environment set in Perl are not being passed to executed programs: ``` $ LD_PRELOAD=/path/to/libwhitebeam.so LD_AUDIT=/path/to/libwhitebeam.so LD_BIND_NOT=1 /usr/bin/perl -we 'local $ENV{EXAMPLE_ENV}="SET";exec "/usr/bin/printenv", "EXAMPLE_ENV";' $ /usr/bin/perl...

Reproducible outside of Perl: ``` $ LD_PRELOAD=/path/to/libwhitebeam.so LD_AUDIT=/path/to/libwhitebeam.so LD_BIND_NOT=1 /usr/bin/python3 -c 'import os;os.environ["EXAMPLE_ENV"]="SET";os.execvp("/usr/bin/printenv",["/usr/bin/printenv","EXAMPLE_ENV"]);' $ /usr/bin/python3 -c 'import os;os.environ["EXAMPLE_ENV"]="SET";os.execvp("/usr/bin/printenv",["/usr/bin/printenv","EXAMPLE_ENV"]);' SET ```

`execvp` workaround removed in [a84a612](https://github.com/WhiteBeamSec/WhiteBeam/commit/a84a612dd496e7b6c85e6ed52ae93f1bb0e060ef) (fixed).

Causes `service --status-all` to return `WhiteBeam: /usr/local/sbin/grep: Permission denied` on each line. Also: `zcat` with `gzip`'s path.

This would also eliminate needing to spawn a shell with the `whitebeam --auth` command, which must also be revised to read from stdin (for automation).