📄 05-permissions.md
⬇ Download Raw

Permissions & System Access Audit — ScorpioX Clang Codebase

Audit Date: 2026-04-28 Auditor: Security Audit Agent Scope: OS-level permissions, system access, process spawning, privilege model, and sandboxing Codebase: 148 non-vendor C source files (~125,525 lines) across scorpiox/ directory

1. Permissions Summary

AspectAssessmentRisk
Root/Privilege RequirementsOptional — most tools run unprivileged; 3 tools require or benefit from root⚠️ Medium
Process SpawningExtensive — 42 files spawn child processes via fork(), system(), popen(), execl()⚠️ Medium
Filesystem Access ScopeBroad — accesses ~/.scorpiox, /tmp, /proc, /sys, /dev, /var, /etc⚠️ Medium
Kernel/System CallsHeavy — KVM ioctls, BPF, namespace syscalls, mmap, mount/pivot_root🔴 High
Sandboxing ModelStrong for containers — user namespaces, pivot_root, overlayfs, cgroups🟢 Low
IPC MechanismsUnix sockets, named pipes, anonymous pipes, signals⚠️ Medium
Environment ModificationSignificant — sets PATH, proxy vars, TLS verification bypass vars🔴 High

2. Privilege Requirements

2.1 Tools That Require Root

ComponentRoot Required?Reason
scorpiox-thunderbolt4Yes — enforced via geteuid() != 0 checkBPF access for raw Ethernet frames requires root
scorpiox-dnsPractical yesBinds to port 53 (privileged port < 1024) by default
sxmail_smtpPractical yesBinds to port 25 (SMTP) — warns "need root?" on failure
scorpiox-vmNo but needs /dev/kvm accessSuggests sudo usermod -aG kvm $USER on permission denied

2.2 Tools That Optionally Run as Root

ComponentRoot Behavior
scorpiox-unshareRuns rootless by default (user namespaces). --privileged flag skips user namespace (requires running as real root). When root: auto-creates /etc/subuid and /etc/subgid entries, writes UID/GID maps directly, mounts cgroups at /sys/fs/cgroup/
scorpiox-wslRuns as unprivileged user within WSL; uses chroot within overlayfs

2.3 Tools That Run Fully Unprivileged

All other ~60+ tools (sx, scorpiox-bash, scorpiox-agent, scorpiox-server, scorpiox-fetch, etc.) run without any elevated privileges. The HTTP server (scorpiox-server) defaults to port 8080 (unprivileged).

2.4 Privileged Helper Dependency

scorpiox-unshare references setuid helpers /usr/bin/newuidmap and /usr/bin/newgidmap for non-root multi-UID mapping. These are standard Linux setuid binaries, not shipped with the codebase. No setuid/setgid/seteuid/setegid calls exist anywhere in the codebase. The code never escalates its own privileges.

3. Process Spawning Inventory

3.1 Process Spawning Frequency

42 source files spawn child processes. Top spawners by call count:

FileSpawning CallsPrimary Mechanism
scorpiox-unshare.c31clone(), system(), fork()
scorpiox-agent.c19system(), execlp(), popen()
sx.c18system(), popen()
scorpiox-wsl.c15system(), _popen(), CreateProcessA()
scorpiox-server.c13fork(), execlp(), popen()
scorpiox-sdk.c13system(), fork()
scorpiox-fetch.c12system(), fork()
scorpiox-whatsapp.c10fork(), execl(), system(), popen()

3.2 Process Spawning Mechanisms Used

MechanismUsage ContextRisk Notes
clone() with CLONE_NEWNS\CLONE_NEWPID\CLONE_NEWUTS\CLONE_NEWUSER\CLONE_NEWNETContainer creation in scorpiox-unshareCore functionality; well-isolated
fork() + exec*()Command execution (scorpiox-bash, scorpiox-server, scorpiox-traffic, scorpiox-init, scorpiox-whatsapp)Standard pattern; generally safe
system()31 call sites across 20+ files — package installation, git operations, network config, tmux commands, editor launch⚠️ Shell injection risk if arguments derive from user input without sanitization
popen()Command output capture (sx.c, scorpiox-agent.c, scorpiox-hook.c, scorpiox-server.c)Same injection concerns as system()
CreateProcessA()Windows self-restart in scorpiox-wsl.cWindows-specific; acceptable
forkpty() / ConPTYPTY-based execution in sx_pty.cNeeded for terminal emulation

3.3 Critical system() Call Sites

Several system() calls construct commands from runtime data:

3.4 What Processes Are Spawned

Spawned ProcessSpawning SourcePurpose
Container child (container_main)scorpiox-unshare.cIsolated container root process
bash / shscorpiox-bash.c, scorpiox-init.c, sx_exec.cCommand execution
python3scorpiox-server.c, scorpiox-traffic.cCGI script execution, MITM proxy
slirp4netnsscorpiox-unshare.cUser-space network stack for containers
newuidmap / newgidmapscorpiox-unshare.cUID/GID mapping for unprivileged containers
ssh / scpscorpiox-sshpass.cRemote command execution
gitscorpiox-agent.c, scorpiox-mirror-git.cRepository operations
tmuxscorpiox-tmux.c, sxtmux_backend_tmux.cTerminal multiplexing
scorpiox-whatsapp-bridgescorpiox-whatsapp.cWhatsApp integration bridge
wsl.exescorpiox-wsl.cWSL distro management
ipscorpiox-unshare.cNetwork interface configuration (inside container)
apk / apt-get / pacmanscorpiox-unshare.cPackage installation inside container
vim / vi / nanosx.cUser text editing
sox (rec)scorpiox-voice.cAudio recording for voice input

4. Filesystem Access Scope

4.1 Primary Data Directories

PathAccess ModePurpose
~/.scorpiox/Read/WritePrimary config, sessions, conversations, traffics, hooks, agents
.scorpiox/ (CWD-relative)Read/WriteProject-level sessions, hooks, conversations
SCORPIOX_HOME (env override)Read/WriteUser-configurable base directory

4.2 System Paths Accessed

PathComponentAccessPurpose
/proc/self/exescorpiox-unshareReadFind own binary path for container bind-mount
/proc//uid_map, /proc//gid_mapscorpiox-unshareWriteUser namespace UID/GID mapping
/proc//setgroupsscorpiox-unshareWriteAllow setgroups in namespace
/etc/subuid, /etc/subgidscorpiox-unshareRead/WriteSubordinate UID/GID ranges; auto-creates entries when root
/sys/fs/cgroup/sx-/scorpiox-unshareCreate/WriteMemory cgroup for containers
/dev/kvmscorpiox-vmRead/WriteKVM virtualization
/dev/net/tunscorpiox-vmRead/WriteTUN/TAP networking for VMs
/dev/bpfscorpiox-thunderbolt4Read/WriteBerkeley Packet Filter for raw Ethernet
/dev/null, /dev/zero, /dev/random, /dev/urandom, /dev/tty, /dev/pts/scorpiox-unshareBind-mountStandard device nodes inside container
/tmp/sxmux/sxmux_sessionCreate/Read/WriteMultiplexer Unix sockets and PID files
/tmp/sx_MultipleCreate/WriteTemporary files for voice, emit, proxy
/tmp/scorpiox-server/scorpiox-serverCreate/WriteGit deploy cache
/var/mail/sxmail_Read/WriteMaildir storage for email server

4.3 Container Filesystem Scope (scorpiox-unshare)

Inside the container, the process creates a complete isolated rootfs:


5. System Call Analysis

5.1 Namespace & Container Syscalls

SyscallFileContext
clone() with CLONE_NEWNS\CLONE_NEWPID\CLONE_NEWUTS\CLONE_NEWUSER\CLONE_NEWNETscorpiox-unshare.c:1831Container creation
unshare(CLONE_NEWUSER)scorpiox-unshare.c:645User namespace probe
SYS_pivot_rootscorpiox-unshare.c:1489Switch container root filesystem
sethostname()scorpiox-unshare.c:1337Set container hostname
mount() (12+ call sites)scorpiox-unshare.cproc, sysfs, tmpfs, overlayfs, bind mounts
umount2() with MNT_DETACHscorpiox-unshare.c:1501Detach old root after pivot

5.2 KVM Virtualization Syscalls

SyscallFileContext
ioctl(KVM_CREATE_VM)scorpiox-vm.c:2018Create virtual machine
ioctl(KVM_CREATE_VCPU)scorpiox-vm.c:2093Create virtual CPU
ioctl(KVM_SET_USER_MEMORY_REGION)scorpiox-vm.c:2052Map guest memory
ioctl(KVM_SET_SREGS/REGS)scorpiox-vm.c:2440+Configure CPU registers
ioctl(KVM_RUN)scorpiox-vm.c (vCPU loop)Execute guest code
ioctl(KVM_IRQ_LINE)scorpiox-vm.c:914+Inject interrupts
ioctl(TUNSETIFF)scorpiox-vm.c:1669TUN/TAP network interface

5.3 Memory Mapping

CallFileFlagsPurpose
mmap()scorpiox-vm.c:2035PROT_READ\PROT_WRITE, MAP_PRIVATE\MAP_ANONYMOUS\MAP_NORESERVEGuest VM memory (up to GBs)
mmap()scorpiox-vm.c:2105PROT_READ\PROT_WRITE, MAP_SHAREDvCPU run structure
mmap()scorpiox-vm.c:2848PROT_READ\PROT_WRITE, MAP_PRIVATE\MAP_ANONYMOUSBIOS ROM buffer
No PROT_EXEC mappings exist anywhere in the codebase. No mprotect() calls. No JIT or self-modifying code. This is a strong security positive.

5.4 Signal Handling

Standard signal handling patterns used across the codebase:

5.5 Other Notable Syscalls

CallContext
setsid()Daemon mode in scorpiox-dns, scorpiox-init (service launcher), sxmux_session
chdir()CGI script execution in scorpiox-server, daemon mode
readlink("/proc/self/exe")Self-location for container binary bind-mounting
sethostname()Container hostname isolation

6. Sandboxing / Isolation Model

6.1 Container Isolation (scorpiox-unshare)

scorpiox-unshare implements a comprehensive Linux container runtime with multi-layer isolation:
LayerImplementationAssessment
User NamespaceCLONE_NEWUSER — maps host UID to container root (UID 0)✅ Strong — unprivileged by default
Mount NamespaceCLONE_NEWNS + MS_REC\MS_PRIVATE — prevents mount propagation to host✅ Strong
PID NamespaceCLONE_NEWPID — container gets PID 1✅ Strong
UTS NamespaceCLONE_NEWUTS — isolated hostname✅ Strong
Network NamespaceCLONE_NEWNET + slirp4netns — isolated network with user-space NAT; --net host opt-out✅ Strong (default isolated)
Filesystempivot_root + overlayfs/bind-mount — complete rootfs change✅ Strong
Device Isolationtmpfs /dev with minimal bind-mounted nodes✅ Good
Memory Limitscgroup v2 memory.max via --memory flag✅ Good (optional)
Port ForwardingExplicit -p port mapping with range parsing✅ Controlled

6.2 Isolation Gaps

GapDescriptionRisk
--privileged modeSkips user namespace entirely, runs as real root inside container🔴 High — but requires explicit flag AND running as root
--net hostShares host network namespace⚠️ Medium — explicit opt-in
No seccomp filterContainer processes have access to all syscalls allowed by user namespace⚠️ Medium — user namespaces restrict most dangerous calls, but a seccomp profile would add defense-in-depth
No AppArmor/SELinux profilesNo mandatory access control confinement⚠️ Medium
Bind-mount permissionsUser-provided --bind and -v mounts share host directories with full container access⚠️ Medium — expected behavior, but user must be careful
No capability droppingNo capset() or prctl(PR_SET_NO_NEW_PRIVS) — relies entirely on user namespace restrictions⚠️ Low — user namespaces effectively limit capabilities

6.3 VM Isolation (scorpiox-vm)

KVM-based VMs provide hardware-level isolation:

6.4 WSL Isolation (scorpiox-wsl)

Windows-specific: uses WSL's built-in isolation + overlayfs chroot within WSL for additional filesystem isolation.


7. IPC Mechanisms

MechanismComponent(s)Purpose
Unix Domain Sockets (AF_UNIX, SOCK_STREAM)sxmux_session.cTerminal multiplexer client-server communication; sockets at /tmp/sxmux/
Named Pipes (Windows CreateNamedPipe)sxmux_session.c (Windows path)Same purpose on Windows: \\.\pipe\sxmux-
Anonymous Pipes (pipe())scorpiox-unshare.c (sync_pipe, net_pipe), scorpiox-bash.c, scorpiox-whatsapp.c, sx_exec.cParent-child synchronization, command output capture
Signals (kill(), SIGTERM, SIGINT)MultipleProcess lifecycle management, cleanup coordination
TCP Sockets (AF_INET)sxmail_smtp.c, sxmail_imap.c, scorpiox-server.c, scorpiox-server-http2tcp.c, scorpiox-dns.cNetwork services (SMTP, IMAP, HTTP, DNS)
stdout/stdinsx_exec.c, scorpiox-bash.cCaptured command output, streaming
Environment VariablesMultipleConfiguration passing between parent/child processes
PID Filessxmux_session.cSession liveness detection at /tmp/sxmux/

No shared memory (shm_open, shmget) or message queues (mqueue) are used.


8. Environment Modification Analysis

8.1 Standard Environment Setting

These are benign, expected modifications within container/child contexts:

VariableComponentContext
PATHscorpiox-unshare.cStandard path inside container
HOME, USER, TERM, LANGscorpiox-unshare.cContainer environment setup
container=scorpiox-unsharescorpiox-unshare.cContainer detection hint
SXMUX_INIT_CMDsxmux_session.cMultiplexer initial command
REQUEST_METHOD, CONTENT_TYPE, etc.scorpiox-server.cCGI environment variables

8.2 Security-Sensitive Environment Modifications

Variable(s)ComponentRisk
HTTP_PROXY, HTTPS_PROXY, http_proxy, https_proxyscorpiox-traffic.c:942-945🔴 High — redirects all HTTP(S) traffic through MITM proxy
NODE_TLS_REJECT_UNAUTHORIZED=0scorpiox-traffic.c:975🔴 High — disables TLS certificate verification for Node.js
REQUESTS_CA_BUNDLE, CURL_CA_BUNDLE, SSL_CERT_FILEscorpiox-traffic.c:976-978🔴 High — overrides CA bundle to custom cert for MITM
PYTHONHTTPSVERIFY=0scorpiox-traffic.c:979🔴 High — disables Python HTTPS verification
CURLOPT_SSL_VERIFYPEER=0scorpiox-traffic.c:980🔴 High — disables curl peer verification
Mitigating context: These modifications are intentionalscorpiox-traffic is explicitly a traffic capture/MITM tool. The environment changes are applied only to the child process being monitored (fork() + execvp() at line 984), not globally. However, the tool's purpose inherently requires weakening TLS security for the wrapped process.

8.3 No LD_PRELOAD / LD_LIBRARY_PATH Modification

The codebase does not modify LD_PRELOAD or LD_LIBRARY_PATH anywhere. No dynamic library injection vectors exist.


9. Principle of Least Privilege Assessment

9.1 Strengths

AreaAssessment
No privilege escalationZero setuid/setgid/seteuid/setegid calls in entire codebase
Rootless containers by defaultscorpiox-unshare uses user namespaces — no root needed
No executable memoryNo PROT_EXEC mmap, no mprotect, no JIT — strong W^X compliance
Explicit root checksscorpiox-thunderbolt4 explicitly checks geteuid() == 0 before proceeding
Process monitoringsx_procmon.c tracks fork/pipe/FD counts for leak detection
No shared memoryNo shm_open/shmget reduces inter-process attack surface
Read-only host bindHost scorpiox binaries are bind-mounted read-only into containers

9.2 Weaknesses

AreaIssueRecommendation
Excessive system() usage31+ call sites using shell command execution; command injection risk if inputs aren't sanitizedReplace system() with direct fork()+exec() where possible; validate/escape inputs
No seccomp in containersContainer child processes can invoke any syscall allowed by user namespaceAdd seccomp(SCMP_ACT_ERRNO) filter to restrict container syscalls to known-needed set
No PR_SET_NO_NEW_PRIVSContainer children could theoretically gain privileges via setuid binaries inside rootfsCall prctl(PR_SET_NO_NEW_PRIVS, 1) in container_main before exec
/etc/subuid auto-creationWhen running as root, auto-appends to /etc/subuid and /etc/subgid without lockingUse atomic file operations or lock files
Temp file predictabilityUses predictable paths like /tmp/sx_voice.wav, /tmp/.sx-unshare-list.html, /tmp/sx_emit_*Use mkstemp() or mkdtemp() for temp files
CGI fork modelscorpiox-server forks per-request for CGI execution; no resource limits on spawned childrenAdd per-child timeouts and process count limits
scorpiox-sshpass designDeliberately disables all SSH host key checking (StrictHostKeyChecking=no, UserKnownHostsFile=/dev/null)Acceptable for stated "home lab only" purpose, but should include runtime warnings
DNS on port 53scorpiox-dns defaults to port 53 without capability-based port bindingUse CAP_NET_BIND_SERVICE capability instead of full root

10. Risk Assessment

10.1 Risk Matrix

RiskSeverityLikelihoodComponentsMitigation
Command injection via system()HighMediumscorpiox-unshare, scorpiox-agent, scorpiox-hook, scorpiox-wslSanitize inputs; prefer exec*()
Container escapeCriticalLowscorpiox-unshareUser namespaces + pivot_root provide strong isolation; add seccomp
TLS bypass in traffic captureHighHigh (by design)scorpiox-trafficDocument clearly; scope env changes to child only ✅
Temp file race conditions (symlink attacks)MediumLowMultiple toolsUse mkstemp(); set restrictive umask
KVM guest-to-host escapeCriticalVery Lowscorpiox-vmHardware-enforced KVM isolation; keep kernel patched
Privileged port binding without dropping privilegesMediumMediumscorpiox-dns, sxmail_smtpBind port then drop privileges; use capabilities
Unbounded CGI process spawningMediumMediumscorpiox-serverAdd connection limits and child process caps
BPF raw network accessHighLowscorpiox-thunderbolt4Root requirement is enforced ✅
--privileged container flagHighLowscorpiox-unshareRequires both flag AND root — double gate ✅
Predictable Unix socket pathsLowLowsxmux_session at /tmp/sxmux/Check socket ownership; use per-user subdirs

10.2 Overall Assessment

The ScorpioX codebase demonstrates a generally sound security architecture for a systems-level toolkit:

Overall Risk Rating: MEDIUM — The codebase is well-structured with clear separation of privileged operations, but would benefit from replacing system() calls with direct exec, adding seccomp filters to containers, and using secure temporary file creation patterns.
Report generated by Security Audit Agent on 2026-04-28