fix: audit MEDIUM fixes — D-Bus race, TOCTOU, FP reset, entry clear (v0.6.11) · 9dfd1829e9 - moonlock

fix: audit MEDIUM fixes — D-Bus race, TOCTOU, FP reset, entry clear (v0.6.11)

- fingerprint: split cleanup_dbus into a sync take_cleanup_proxy() + async
  perform_dbus_cleanup(). resume_async now awaits VerifyStop+Release before
  re-claiming, so fprintd cannot reject the Claim on a slow bus. stop()
  still spawns the cleanup fire-and-forget.
- fingerprint: remove failed_attempts = 0 from resume_async. An attacker
  with sensor control could otherwise cycle verify-match → account-fail →
  resume and never trip the 10-attempt cap.
- lockscreen: open the wallpaper with O_NOFOLLOW and build the texture
  from bytes, closing the TOCTOU between the symlink check and Texture::
  from_file.
- lockscreen: clear password_entry immediately after extracting the
  Zeroizing<String>, shortening the window the GLib GString copy stays in
  libc-malloc'd memory.

This commit is contained in:

nevaforget

2026-04-24 13:21:19 +02:00

parent 39d9cbb624

commit 9dfd1829e9

5 changed files with 81 additions and 24 deletions

									
										Cargo.toml
									
		+1
		-1
	
												View File
												
				@@ -1,6 +1,6 @@

				[package]

				name = "moonlock"

				version = "0.6.10"

				version = "0.6.11"

				edition = "2024"

				description = "A secure Wayland lockscreen with GTK4, PAM and fingerprint support"

				license = "MIT"