-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathchangelog
297 lines (239 loc) · 13.8 KB
/
changelog
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
redact (0.9.5) urgency=medium;
* Fixed compiler warnings and verified function
-- Bryan Hawkins <[email protected]> Tue, 23 Feb 2021 12:48:32 -0600
redact (0.9.4) urgency=low;
* Changed the way temporary files are deleted.
* Fixed a minor typo in tty_list.c and README.md.
-- Bryan Hawkins <[email protected]> Wed, 17 Jul 2019 06:09:59 -0500
redact (0.9.3) urgency=low;
* Fixed a minor error in when to seed the random number generator.
* Updated year in the license.
-- Bryan Hawkins <[email protected]> Tue, 16 Jul 2019 07:47:52 -0500
redact (0.9.2) urgency=low;
* Moved the call to clone_attrs() into the move_file function to simplify
the code.
* Renamed some of the arguments to functions to make their use clearer.
-- Bryan Hawkins <[email protected]> Sun, 08 Jul 2018 20:11:41 -0500
redact (0.9.1) urgency=low;
* Renamed the linked list and its source files to tty_list. This was
done to better describe the purpose of the linked list, which is to
store and track the user's TTYs.
-- Bryan Hawkins <[email protected]> Thu, 17 May 2018 13:11:28 -0500
redact (0.9.0); urgency=low;
* Changed the shred() function to always return -1 if an error occurred.
* Made changes to various comments.
* Updated README.md with information about new functionality.
-- Bryan Hawkins <[email protected]> Fri, 04 May 2018 16:55:41 -0500
redact (0.8.9); urgency=low;
* Fixed a bug in the extract_time function that caused valgrind to
complain about an uninitialized variable.
* Made a minor change to the extract_function.
-- Bryan Hawkins <[email protected]> Thu, 03 May 2018 14:53:18 -0500
redact (0.8.8); urgency=low;
* Added a function to delete files in a more secure manner. Now
the old log files are securely deleted in order to make forensic
recovery of the original log files difficult.
-- Bryan Hawkins <[email protected]> Tue, 01 May 2018 10:06:10 -0500
redact (0.8.7); urgency=low;
* Added a new option, -d which causes redact to only remove log entries
created in the last N days. The number of days being specified by
the user. For example, to only wipe entries created in the last
30 days, a user would run the program like so:
"./redact -a -d 30 USERNAME"
However, with this new option comes some issues. The main issue is
that the auth.log file does not contain the year in its timestamps,
so we infer the year based on the last modification time of the
auth.log log file. Also, to convert the string into a time required
the use of a somewhat uncommon function, strptime(). This may or
may not limit the program on how many systems it compiles on.
Finally, if the auth.log file time stamp format is different than
what is expected, it will fail to wipe entries based on age
in the auth.log file. The code may need some cleaning up as it was
kind of hacked in.
* Fixed some unnecessary use of defined constants.
* Fixed a logic error that let errors occur silently
* Improved the help screen to hopefully make it clearer which options
require arguments and what kind they accept.
* Added an example of using the -d option to the README.md file.
-- Bryan Hawkins <[email protected]> Sun, 29 Apr 2018 16:06:01 -0500
redact (0.8.6); urgency=low;
* Changed redact to not leave core files in the event of a failure.
* Added the -k option to back up the original log files before wiping
them. The files are backed up to the current working directory.
* Changed wipe_acct() to no longer print a message when exiting via the
bail() function.
* Removed an unneeded variable.
-- Bryan Hawkins <[email protected]> Thu, 12 Apr 2018 11:32:04 -0500
redact (0.8.5); urgency=low;
* Changed the variables that help parse the command line options from
global storage to local storage inside main().
* Removed some unneeded code that changed the version of the acct
structure depending on platform.
* Fixed the order of command line options in the help message.
* Removed redundant code.
* Updated the README.md file to reflect the current goals and remind
potential users that the program is still in beta.
-- Bryan Hawkins <[email protected]> Sun, 08 Apr 2018 12:16:54 -0500
redact (0.8.4); urgency=medium;
* Fixed a bug that when using the -a option to wipe all log files,
the auth.log file was not wiped.
* Removed old code that is no longer used.
-- Bryan Hawkins <[email protected]> Sat, 31 Mar 2018 13:25:23 -0500
redact (0.8.3); urgency=low;
* Minor code change to move the call to the bail function into the
function that wipes process accounting logs.
-- Bryan Hawkins <[email protected]> Wed, 28 Mar 2018 21:51:47 -0500
redact (0.8.2); urgency=low;
* Modified the wipe_utmp() function to improve code quality.
* Added a new feature that when wiping either all logs (-a option)
or the process accounting logs (-p option) the redact program name
will NOT show up in the process accounting logs. This is done in
the bail() function which is just a wrapper for the execl() function.
This function replaces the redact program in memory with the echo
program thus echo shows up in the log instead of redact.
-- Bryan Hawkins <[email protected]> Sun, 25 Mar 2018 11:48:30 -0500
redact (0.8.1); urgency=low;
* Fixed a minor bug in which some nodes were not correctly removed from
the linked list causing the size of the list to grow larger than needed.
-- Bryan Hawkins <[email protected]> Sat, 24 Mar 2018 15:10:44 -0500
redact (0.8.0); urgency=medium;
* Completely re-wrote the loop in the wipe_utmp() function to handle
wiping all entries created by the given user. The loop now tracks
the user's process creation and destruction in order to wipe all
possible entries created by the user, even if the user's name is not
in the log entry.
* Fixed a bunch of little code style issues with the linked list
implementation. Also added a new variable to the nodes of the linked
list to track the terminals used by the target user.
* Added new functions to the linked list implementation to handle
searching and deleting nodes based on TTY.
* Fixed the way the wipe_utmp() function behaves if the run with the
-i option to wipe entries by host. The function now wipes only
entries from that host and ignores all other entries. This is how
it should have behaved all along instead of wiping by host and user name.
* Added all new bugs!
-- Bryan Hawkins <[email protected]> Sat, 24 Mar 2018 10:02:33 -0500
redact (0.7.0); urgency=low;
* Added code to the program so we properly remove log out entries created
by the given user. Note that when a user logs out, a DEAD_PROCESS
entry is made in wtmp that is exactly like the login entry except
the user name is NUL'ed out/blank. This makes it hard to remove only
the dead process log entries attributed to our user. We used to simply
remove all entries with a NUL user field. However, we now do this by
tracking the process IDs of the user processes so that if we come across
a entry with type DEAD_PROCESS and the same PID, we remove it as it
was likely generated when the user logged out. We track the PIDs
with a linked list whose code is found in the proc_list.* files.
* Added a new task to the To Do list in the README.md file.
-- Bryan Hawkins <[email protected]> Thu, 22 Mar 2018 09:46:25 -0500
redact (0.6.3); urgency=medium;
* Fixed a bug where certain entries may be incorrectly removed
when wiping certain log files. This was caused by incorrect use
of the strncmp() function which could cause the username 'Fred'
to be declared equal to 'Fredrick'.
-- Bryan Hawkins <[email protected]> Sun, 18 Mar 2018 07:09:23 -0500
redact (0.6.2); urgency=low;
* Minor code improvements and clean up.
* Improved the project's documentation.
* Fixed a bug in wipe_acct() where memory was not freed if fopen()
failed to open the log file.
* Changed several functions to make them easier to be re-used in future
projects.
-- Bryan Hawkins <[email protected]> Sat, 17 Mar 2018 15:55:02 -0500
redact (0.6.1); urgency=low;
* Changed error messages to be more helpful and verbose.
* Changed the wipe_* functions to return void and exit on unrecoverable
error.
* Fixed a bug in that caused the program to exit prematurely due to a
misplaced call to exit().
-- Bryan Hawkins <[email protected]> Tue, 27 Feb 2018 10:55:06 -0600
redact (0.6.0); urgency=low;
* Added a function to generate temporary file names in the same directory
as a given log file. This way we do not have to change directories in
order to avoid failing to replace the log file because rename() cannot
move files across different partitions.
* Changed the way that temporary files are created. Temporary files are
now created with random names.
* Changed several functions to take the log file as a parameter instead
of relying on the pre-processor defines.
-- Bryan Hawkins <[email protected]> Sun, 25 Feb 2018 06:12:48 -0600
redact (0.5.2); urgency=low;
* Added additional error checking.
* Cleaned up comments in the code.
* Fixed a bug in wipe_fail which printed out incorrect information when
verbose mode is enabled.
* Fixed a bug in wipe_auth() that caused some log entries to not be wiped
* Changed the name of the args structure member acct to acctlog to
make the naming of args members more consistent.
-- Bryan Hawkins <[email protected]> Wed, 21 Feb 2018 12:22:09 -0600
redact (0.5.1); urgency=low;
* Fixed an error in the wipe_last() where it failed to wipe every
matching entry in the lastlog file.
* Fixed a bug in wipe_last() that wiped every lastlog entry when using
the -i option which wipes all entries that were made from a specific
host.
* Fixed an off-by-one bug in wipe_last() in which it printed the wrong
number of records found when in verbose mode and a host specified.
* Added error checking to fputs() calls.
-- Bryan Hawkins <[email protected]> Tue, 20 Feb 2018 08:19:52 -0600
redact (0.5.0); urgency=low;
* Changed several functions, so that if an unrecoverable error occurs
while wiping a log file, we delete all temporary files created during
the process. This ensures that if an error occurs, we do not leave any
temporary log files hanging around that were in the process of being
redacted.
* Removed unnecessary variables to decrease stack usage in functions.
* Added an option to wipe the btmp log file which logs failed
authentication attempts.
* Added an option and function to wipe the auth.log log file by removing
all entries that contain the given username or the user's UID. The
auth.log file contains system authorization information.
* Updated the README.md file.
-- Bryan Hawkins <[email protected]> Sun, 18 Feb 2018 07:47:30 -0600
redact (0.4.0); urgency=low;
* Added a function to wipe the system's process accounting log file.
* Added verbose output for all the functions that wipe files.
-- Bryan Hawkins <[email protected]> Sat, 17 Feb 2018 12:40:59 -0600
redact (0.3.1); urgency=low;
* Changed the names of several functions to use a more consistent pattern
of function names throughout the program.
* Fixed a logic error where the condition could never be true.
* Changed the get_userid() function to put the user ID in one
of the arguments and return an integer indicating if an error occurred.
-- Bryan Hawkins <[email protected]> Fri, 16 Feb 2018 12:00:15 -0600
redact (0.3.0); urgency=low;
* Added a function and command line option to wipe the faillog log file.
The only way to wipe this log file is by username, so if the host
command-line option is used, it will be ignored by this function.
-- Bryan Hawkins <[email protected]> Thu, 15 Feb 2018 20:57:17 -0600
redact (0.2.0); urgency=low;
* Added new command line options and changed program to allow the user
to specify which log files should be modified at run time.
* Remove reliance on the UT_HOSTSIZE and UT_NAMESIZE constants as not
every operating system provides them, and this is not their original
purpose.
* Removed the preprocessor defines that allowed compilation on FreeBSD
as there is a lot of work to make the program run on both FreeBSD and
Linux. This feature will be re-implemented at a later date.
* Modified the wipe_utmp function so that a single function (wipe_utmp)
is used to wipe multiple log files (wtmp, utmp, btmp) provided they
use the utmp data structure.
-- Bryan Hawkins <[email protected]> Tue, 13 Feb 2018 15:13:37 -0600
redact (0.1.0); urgency=medium:
* Added several #ifdef statements to hopefully enable this program to
successfully compile and run on FreeBSD systems. In 2010, FreeBSD
removed utmp.h and related data structures and replaced them with
utmpx.h and struct utmpx data structures.
-- Bryan Hawkins <[email protected]> Mon, 12 Feb 2018 21:07:01 -0600
redact (0.0.2); urgency=low:
* Added a function to remove log entries from the lastlog log file that
match either a given user name or host IP address.
* Fixed a bug in the wipe_utmp() function that failed to replace the old
log file with the new one. This occurred on Linux because the utmp log
is located in /run which is a tmpfs partition and rename fails when
moving files between partitions. To fix, we simply change directories
before creating the temporary file and change back to our old working
directory when finished. An alternative would be to use the system()
function and rely on the system's mv command to replace utmp.
-- Bryan Hawkins <[email protected]> Sat, 10 Feb 2018 12:15:45 -0600
use the 'date -R' command to make the date string.