Add optional process hardening
Hi,
I thought you might be interested in protecting sq
s memory from low-privileged attackers/malware that might be running on the same system. (You can't possibly protect from high-privileged attackers; when malware runs as root it is totally game-over.) This PR uses my secmem-proc
library for this. Disable the newly introduced harden
feature for easier debugging.
Feel free to close if you do not like it.
Disclaimer: I'm the author of secmem-proc
.
Examples
Linux:
> cargo build
[...]
> gdb -batch -ex run ./target/debug/sq
[...]
Error: program is being traced by the process with pid 38361
[...]
Windows:
Start any long running sq
operation (e.g. sq import
, where it will be waiting for input via stdin). With process hacker you can read and write to arbitrary parts of the memory of the sq
process. With the harden
feature enabled, process hacker will tell that it has insufficient privileges to access that memory (if process hacker is not running as admin of course).