-
Bug
-
Resolution: Unresolved
-
Normal
-
rhel-7.9.z
-
None
-
Moderate
-
sst_security_special_projects
-
ssg_security
-
None
-
False
-
-
None
-
None
-
- aide does not truncate hash
-
None
-
None
-
If docs needed, set a value
-
-
Unspecified
-
None
Description of problem:
Aide truncates the sha256 hash while the check is performed. Not sure if it is printing issue only or if it actually saves the truncated data to the DB.
Version-Release number of selected component (if applicable):
aide-0.15.1-13.el7_9.1
How reproducible:
100%
Steps to Reproduce:
1. # cat > /root/aide/aide.conf <<EOF
syslog_format=yes
@@define DBDIR /root/aide/db
@@define LOGDIR /root/aide/log
database=file:@@
database_out=file:@@{DBDIR}
/aide.db.out.gz
gzip_dbout=yes
verbose=5
report_url=file:@@
/aide.log
report_url=stdout
/root/aide/data p+u+g+sha256
EOF
2. # mkdir -p /root/aide/data
3. # echo 'y' > /root/aide/data/file1
4. # aide -i -c /root/aide/aide.conf
5. # mv -f /root/aide/db/aide.db.out.gz /root/aide/db/aide.db.gz
6. # echo 'B' > /root/aide/data/file1
7. # aide --check -c /root/aide/aide.conf
Actual results:
file=/root/aide/data/file2;SHA256_old=O7Krtp67J/v+Y8djliTG7F4zG4QaW8jD;SHA256_new=wM3nf6j++X1HbBCq09LVT8wvM2FA0HNl
Expected results:
file=/root/aide/data/file2;SHA256_old=O7Krtp67J/v+Y8djliTG7F4zG4QaW8jD68ELkoXpCHc=;SHA256_new=wM3nf6j++X1HbBCq09LVT8wvM2FA0HNlHC3Mzx43n9Y=
Additional info:
this is fixed in rhel-8 and later
