KOS- Advanced Secure Handheld PC Operating System - ComputerCraft Forums (archive)

Kizz #1

99 posts

Location Louisville, Kentucky

Posted 16 April 2015 - 07:29 PM

Kizz Operating System

Or KOS for short, is a basic, lightweight, "high security" operating system for advanced handheld PC's.

KOS is a work in progress!

Version: 1.6

Features:

Fully adaptable environment for the Advanced Tablet.
Simple and easy to follow usage.
First use account creation. Make sure you're the first person to run KOS upon installing, or you may have a security breach!
Full username and password auth.
Multi-level authentication that supports guest users and the like.
Non-terminable runtime and login. Prevents snoopers editing passwords or bypassing the auth.
Auto-Logout! After 300 seconds, the system will log out. Users can extend this up to 24 hours.
Easy to add multiple accounts.
Ready for expansion! Now that you have a safe environment, you can begin building your remote door control systems and the like.
Full logging!
Password hashing
Auto installer!
Can't call rom/programs/edit or rom/programs/delete
Usable GUI and terminal mode

Coming soon:

Terminable programs outside the runtime
More OS functions!
~~GUI and UI support~~
Ability to create more auth levels.

I would love to hear suggestions and I am always happy to hear criticisms and comments. Keep it friendly though please.

License: Anyone may use, copy, edit or redistribute KOS, but please cite me in your works. (Kizz). KOS is not to be sold for profit under any circumstance.

The GUI:

Non-Terminable Login:

Logging in:

Homescreen:

Logout and runtime tab:

Auth restrictions:

Loging:

Finally, the download!

Auto installer: http://pastebin.com/UzfMm1hx

KOS can be tracked here: https://github.com/kizz12/KOS

~~Make sure to remove the .lua from the file names before running!~~

Credits:

I used this (broken) API to help forge my GUI. I would like to credit account.username for the API. I did have to change it a lot though.
Thanks to everyone who helped me fix issues in Ask a Pro!
Thanks to all those who are posting bugs and specifically TsarN!
Just implemented touch

Edited on 24 April 2015 - 06:34 PM

Creator #2

2679 posts

Location You will never find me, muhahahahahaha

Posted 16 April 2015 - 08:08 PM

Why don't you remove the .lua. I mean you are trying to get us interested in KOS. Add pastebin installer. Nobody'll dowload it from github.

flaghacker #3

656 posts

Posted 16 April 2015 - 08:13 PM

You should probably look into hashing the passwords and maybe even usernames, as storing them in a plain text file isn't secure at all.

Kizz #4

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 01:27 PM

Updated to add auto installer from pastebin.

Kizz #5

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 02:18 PM

Added password hashing

TsarN #6

29 posts

Posted 21 April 2015 - 03:51 PM

Security issues
You can run

/rom/programs/edit /users

and set your access level to whatever you want(no matter what access level you have now)
You can run

rm *

to delete everything(no matter what access level you have)

Edited on 21 April 2015 - 01:51 PM

Kizz #7

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 04:36 PM

Added prevention of deleting core files. (direct path can still be used. Currently no great solutions for this. There is no way to delete or edit files in KOS until the user logs in. Only give guest accounts to beginners and trusted users ;)/> )

Edited on 21 April 2015 - 04:32 PM

Kizz #8

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 06:33 PM

Update: Removed ability to remotely access the rom edit and delete commands.

TsarN #9

29 posts

Posted 21 April 2015 - 07:12 PM

I can't use "edit" and "rm" other than in root directory. Also, you can still edit protected files via lua code.

Kizz #10

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 07:14 PM

I doubt this will change. You can still edit FROM the root directory and call the edit files from /edit <filename>.

If you're able to write a program to use fs and edit OS files, then you shouldn't be able to log in. If you're allowing a user into the OS that can do this, then it is your own security flaw. I would have to disable the entire FS api to fix that.

Creator #11

2679 posts

Location You will never find me, muhahahahahaha

Posted 21 April 2015 - 07:17 PM

Why don't you try sandboxing the apps?

Kizz #12

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 07:52 PM

Not exactly sure what sandboxing is. Is there more information on this?

Offhand: Updated to prevent use of ////(etc…)/rom/programs/edit and delete, removed ability to use blank username and pass.

Creator #13

2679 posts

Location You will never find me, muhahahahahaha

Posted 21 April 2015 - 07:55 PM

Sandboxing is when you assign a custom environement to a function. This means that you can control fs.open() by defining it in a different way. A env is a table. You assing an env to a func by ding this:


setfenv(func,env)

Hope I helped you

Kizz #14

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 08:00 PM

Currently this function runs in my runtime to prevent pathing to the old edit file.


function protect()
local combine = fs.combine
local oldFs = fs.open
--print'OS Protect active!'
fs.open = function(path,...)
  if combine("/",path) == "rom/programs/edit" then
   --print'Failed to call edit!'
   return
  end
  if combine("/",path) == "rom/programs/delete" then
   --print'Failed to call delete!'
   return
  end
  if combine("/",path) ~= "rom/programs/delete" then
   return oldFs(path,...)
  end
end
end

Is this similar to what you are describing?

Edited on 21 April 2015 - 06:01 PM

Creator #15

2679 posts

Location You will never find me, muhahahahahaha

Posted 21 April 2015 - 08:03 PM

This is my env:

Spoiler


--[[
Sandbox
environment
by Creator
for TheOS
]]--
--Variables--
local oldGetfenv = getfenv
local oldLoadfile = loadfile
local globalName = ""
--Functions--
function newEnv(permission, name)
globalName = name
if permission == "admin" then
  return "global"
else
  return "user" , customEnv()
end
end
local function customEnv()
local envToReturn = {
  redstone = redstone,
  gps = gps,
  _VERSION = _VERSION,
  keys = keys,
  printError = printError,
  peripheral = peripheral,
  assert = assert,
  getfenv = function(a)
   if type(a) == "number" then
	oldGetfenv(1)
   elseif type(a) == "function" then
	oldGetfenv(a)
   else
	error("Expected function or number, got "..type(a))
   end end,
  bit = bit,
  rawset = rawset,
  tonumber = tonumber,
  loadstring = function(str) local func = loadstring(str) setfenv(func,getfenv(1))end,
  error = error,
  tostring = tostring,
  type = type,
  coroutine = {
   create = coroutine.create,
   resume = coroutine.resume,
   running = coroutine.running,
   status = coroutine.status,
   wrap = coroutine.wrap,
  },
  disk = disk,
  window = window,
  next = next,
  unpack = unpack,
  colours = colours,
  pcall = pcall,
  sleep = sleep,
  loadfile = function(a)
   local func = oldLoadfile(a)
   setfenv(func,getfenv(1))
   end,
  math = math,
  pairs = pairs,
  fs = {
   combine = fs.combine,
   isReadOnly = function(path) return fs.isReadOnly("OmniOS/Programs/"..globalName..".app/"..path) end,
   getSize = function(path) return fs.getSize("OmniOS/Programs/"..globalName..".app/"..path) end,
   move = function(path1,path2) return fs.move("OmniOS/Programs/"..globalName..".app/"..path1,"OmniOS/Programs/"..globalName..".app/"..path2) end,
   exists = function(path) return fs.exists("OmniOS/Programs/"..globalName..".app/"..path) end,
   copy = function(path1,path2) return fs.copy("OmniOS/Programs/"..globalName..".app/"..path1,"OmniOS/Programs/"..globalName..".app/"..path2) end,
   getFreeSpace = function(path) return fs.getFreeSpace("OmniOS/Programs/"..globalName..".app/"..path) end,
   makeDir = function(path) return fs.makeDir("OmniOS/Programs/"..globalName..".app/"..path) end,
   find = function(path) return fs.find("OmniOS/Programs/"..globalName..".app/"..path) end,
   getDir = fs.getDir,
   delete = function(path) return fs.delete("OmniOS/Programs/"..globalName..".app/"..path) end,
   open = function(path,...) return fs.open("OmniOS/Programs/"..globalName..".app/"..path,...) end,
   list = function(path) return fs.list("OmniOS/Programs/"..globalName..".app/"..path) end,
   getDrive = function(path) return fs.getDrive("OmniOS/Programs/"..globalName..".app/"..path) end,
   getName = fs.getName,
   isDir = function(path) return fs.isDir("OmniOS/Programs/"..globalName..".app/"..path) end,
  },
  rawget = rawget,
  _G = envToReturn,
  __inext = __inext,
  read = read,
  rednet = rednet,
  ipairs = ipairs,
  xpcall = xpcall,
  os = os,
  help = help,
  io = io,
  rawequal = rawequal,
  setfenv = setfenv,
  rs = rs,
  http = http,
  write = write,
  string = string,
  setmetatable = setmetatable,
  print = print,
  getmetatable = getmetatable,
  table = table,
  parallel = parallel,
  dofile = function(path) dofile("OmniOS/Programs/"..globalName..".app/"..path) end,
  textutils = textutils,
  term = term,
  colors = colors,
  vector = vectors,
  select = select,
  paintutils = paintutils,
}
return envToReturn
end

Take a look at this if you want to learn some more.

Edited on 21 April 2015 - 06:05 PM

Kizz #16

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 08:08 PM

That's actually really nice. I will look more into this. I understand it pretty well, and what I have done is similar, but you've overwritten all api's which is nice. And it's taken care of all at once.

Creator #17

2679 posts

Location You will never find me, muhahahahahaha

Posted 21 April 2015 - 08:17 PM

Modify it to suit you needs if you want. In this case don't forget to give credit. Also look at the github since all the apis work tightly together and the arguments passed may be hard to understand. ;)/>

Kizz #18

99 posts

Location Louisville, Kentucky

Posted 21 April 2015 - 08:22 PM

Yea I won't be ripping any of your work. I may use a similar method, but in general none of my work is 100% mine. Likely 100's of people have written some of the code I've used. Some things even come directly from the wiki ;D. My OS is just a learning experience for me, plus the community here is soo cool, it's just fun to see how many Lua wizards can improve my work.

This is also my very first larger project, my first OS and my first go at a serious secure program. From inside minecraft, 95% of CC users would never be able to hack into my OS. Specifically with the login system.

Edited on 21 April 2015 - 06:24 PM

biggest yikes #19

biggest yikes's profile picture

673 posts

Posted 21 April 2015 - 09:54 PM

You can crash "master" by setting the second parameter of the "extendme" event to a string


os.queueEvent("extendme", "foo")

It'll try to compare a string with a number, which never goes well, does it?

Edited on 21 April 2015 - 07:58 PM

Kizz #20

99 posts

Location Louisville, Kentucky

Posted 22 April 2015 - 01:46 AM

Nice find! Thanks! I'll fix that tomorrow.

Anavrins #21

Anavrins's profile picture

756 posts

Posted 22 April 2015 - 02:18 AM

Little tip about storing passwords
https://www.youtube....h?v=8ZtInClXe1Q

Posting this since I am able, even as a Guest, to get the user's hashes.

Edited on 22 April 2015 - 12:18 AM

Kizz #22

99 posts

Location Louisville, Kentucky

Posted 22 April 2015 - 12:53 PM

Anavrins, on 22 April 2015 - 02:18 AM said:
Little tip about storing passwords
https://www.youtube....h?v=8ZtInClXe1Q

Posting this since I am able, even as a Guest, to get the user's hashes.

Yea, I had thought of using a salt as well, but with a sha256 hash on a computercraft OS with no currently seen methods to access the hash without logging in, I am not too concerned. If you really need that much security, then don't allow guests.

My major concern is making sure there are no up front vulnerabilities and fixing any bugs that crash the OS or have unwanted results. I will come back and make it more secure but I would really like to move on to working on a GUI.

Kizz #23

99 posts

Location Louisville, Kentucky

Posted 22 April 2015 - 01:15 PM

Update: Fixed extend crashing on non numeric entry.

Kizz #24

99 posts

Location Louisville, Kentucky

Posted 22 April 2015 - 08:41 PM

Updated to 1.5! Added a basic GUI and framework. More to come, enjoy!

Edit: I used this (broken) API to help forge my GUI. I would like to credit account.username for the API. I did have to change it a lot though.

Edited on 22 April 2015 - 06:53 PM

Creator #25

2679 posts

Location You will never find me, muhahahahahaha

Posted 22 April 2015 - 08:52 PM

I think your os is great. Get a +1. I think it is your fisrt +1

Kizz #26

99 posts

Location Louisville, Kentucky

Posted 22 April 2015 - 08:54 PM

;D Thanks Creator! It's got a long way to go, but it's making progress!

Edited on 22 April 2015 - 06:54 PM

Creator #27

2679 posts

Location You will never find me, muhahahahahaha

Posted 22 April 2015 - 08:55 PM

It's kind of ironic that your setup says "Welcome to the user creator"

Kizz #28

99 posts

Location Louisville, Kentucky

Posted 22 April 2015 - 08:58 PM

~~Yea, I run the user creator if no users file exists. It's the first-use event. I should probably hide that for that instance ;D~~

My bad… your name is creator… you bolded creator… my brain… is slow!

Edited on 22 April 2015 - 06:58 PM

Kizz #29

99 posts

Location Louisville, Kentucky

Posted 24 April 2015 - 08:27 PM

Update 1.6!

Added a new GUI API (touchpoint)
Improved GUI
Added guest GUI support
Fixed several security bugs, improved gui support for programs

biggest yikes #30

biggest yikes's profile picture

673 posts

Posted 24 April 2015 - 10:09 PM

For me it still says "KOS 1.4.2", even after reinstalling.

Anavrins #31

Anavrins's profile picture

756 posts

Posted 26 April 2015 - 08:47 PM

Kizz, on 22 April 2015 - 12:53 PM said:
Anavrins, on 22 April 2015 - 02:18 AM said:
Little tip about storing passwords
https://www.youtube....h?v=8ZtInClXe1Q

Posting this since I am able, even as a Guest, to get the user's hashes.

Yea, I had thought of using a salt as well, but with a sha256 hash on a computercraft OS with no currently seen methods to access the hash without logging in, I am not too concerned. If you really need that much security, then don't allow guests.

My major concern is making sure there are no up front vulnerabilities and fixing any bugs that crash the OS or have unwanted results. I will come back and make it more secure but I would really like to move on to working on a GUI.

What an incompetent answer from a supposedly "Secure" OS, why make a "Guest" feature if it's downright insecure to do so…

Kizz #32

99 posts

Location Louisville, Kentucky

Posted 27 April 2015 - 12:48 PM

Anavrins, on 26 April 2015 - 08:47 PM said:
Kizz, on 22 April 2015 - 12:53 PM said:
Anavrins, on 22 April 2015 - 02:18 AM said:
Little tip about storing passwords
https://www.youtube....h?v=8ZtInClXe1Q

Posting this since I am able, even as a Guest, to get the user's hashes.

Yea, I had thought of using a salt as well, but with a sha256 hash on a computercraft OS with no currently seen methods to access the hash without logging in, I am not too concerned. If you really need that much security, then don't allow guests.

My major concern is making sure there are no up front vulnerabilities and fixing any bugs that crash the OS or have unwanted results. I will come back and make it more secure but I would really like to move on to working on a GUI.
What an incompetent answer from a supposedly "Secure" OS, why make a "Guest" feature if it's downright insecure to do so…

Incompetent? Don't be an ass. If you re-read the main post, this is still in development. I'm no professional so stop expecting perfect. If you want perfect, go make it yourself.

Atenefyr, on 24 April 2015 - 10:09 PM said:
For me it still says "KOS 1.4.2", even after reinstalling.

~~Yea, I will fix this.~~ Fixed

Edited on 27 April 2015 - 11:03 AM

biggest yikes #33

biggest yikes's profile picture

673 posts

Posted 02 May 2015 - 07:29 PM

Kizz, on 27 April 2015 - 12:48 PM said:
Anavrins, on 26 April 2015 - 08:47 PM said:
-snip-
What an incompetent answer from a supposedly "Secure" OS, why make a "Guest" feature if it's downright insecure to do so…

Incompetent? Don't be an ass. If you re-read the main post, this is still in development. I'm no professional so stop expecting perfect. If you want perfect, go make it yourself.

Not trying to be rude myself, but I think you should take the constructive criticism out of that and apply it (remove the Guest feature) or say otherwise that you're keeping it.
Also, the following code still breaks "master":


os.queueEvent("extendme", "foo")

Since the user can write programs, it's smart to patch it in the program handling the event aswell. :)/>

Edited on 02 May 2015 - 05:32 PM

minebuild02 #34

minebuild02's profile picture

100 posts

Posted 07 June 2015 - 12:49 PM

Think it's kinda bordering on the malicious - you cannot terminate the programs, but the biggest thing is that you cannot delete the OS without getting to the computer folder and wiping the files.
But I bypassed this 'protection' by aliasing to /rom/programs/delete and /rom/programs/edit.

Kizz #35

99 posts

Location Louisville, Kentucky

Posted 10 June 2015 - 02:19 PM

Yea, sorry guys. Work has kept me too busy to update. Eventually I will get in and add some more security features. Again, as stated, I wanted to focus on features for a bit and get a basic GUI laid out.

At the moment, if you throw your tablet at a friend on your server, chances are, they won't be able to hack into it without being given the password. (Granted, the guest account still needs work.) My main goal was to have a secure login system, and I was never really interested in having file restrictions or the lot. It just fell into place due to the guest account.

Also Atenefyr, I took no offense to your criticism. I appreciate any suggestions as long as you don't simply insult me for not being an ace programmer.

Kizz #36

99 posts

Location Louisville, Kentucky

Posted 12 June 2015 - 02:05 PM

Minor update to improve local and global tag usage, and prevented users crashing the logout timer program.

coolmark1995 #37

coolmark1995's profile picture

24 posts

Posted 14 June 2015 - 03:05 AM

I love the OS and all but I dont see a guest account at all is it hidden or is there a special fix? also I think you need to add a cool little app market that downloads pastebin programs :)/> Also I think it would be cool if you added monitor support :)/> as well as a pocket version or pocket support :D/>

Edited on 14 June 2015 - 01:10 AM

Kizz #38

99 posts

Location Louisville, Kentucky

Posted 15 June 2015 - 01:26 PM

Actually, thank you Coolmark! I enjoy feature suggestions as I was unsure where to take the OS. The guest account does work, you have to simply make a new account and set the permission level to 0. This will mark the account as guest.

Be warned, however, as the guest account is still undergoing work to make it truly secure.

Kizz #39

99 posts

Location Louisville, Kentucky

Posted 15 June 2015 - 02:16 PM

coolmark1995, on 14 June 2015 - 03:05 AM said:
as well as a pocket version or pocket support :D/>

This is actually designed for the advanced pocket computer. ~~Haven't tested on a normal pocket computer, but it should work mostly.~~ (Will need to remove color before it is supported by basic computers)

Edited on 15 June 2015 - 12:52 PM

Kizz #40

99 posts

Location Louisville, Kentucky

Posted 15 June 2015 - 08:46 PM

Things I am working on:

Automatic updates
Improving guest account
Addition of app store
General performance improvement and better code readability (Should help me troubleshoot and expand code more easily)
Improving UI usability and flow while improving multi-thread support (Switching between programs and never leaving the UI)

Hopefully this will be out within the week!

Honeyphos123 #41

Honeyphos123's profile picture

11 posts

Posted 19 August 2015 - 12:46 AM

This doesnt work on pocket computers! i get an error that says button is out of bounds and the GUI is out of place and now none of my programs work