I'm writing a piece of C++ code that will hold the access key to an encrypted archive and not allow it to be viewed before a certain date on a Linux system.
The complete code is below (yes, it's ugly and has a system() call. I feel that that was necessary for the given situation):
#include <iostream> //cout
#include <ctime> //time_t, time()
#include <cstdlib> //system()
#include <unistd.h> //getuid()
using namespace std;
int main () {
//updates the system clock and catches the exit code; must be 0 to proceed
int tcheck = system ("ntpd -q -I pool.ntp.org");
//checks updated time against set timestamp (11/20/16 @ 12 PM) and gives or denies access to key respectively
if ((tcheck == 0) && (getuid() = 0)) {
time_t now = time(0);
if (now < 1479661235)
{cout << "It is not yet time.";}
else
{cout << "The key is: a placeholder";}
}
else if (getuid() != 0)
{cout << "This program must be run as root.";}
else if (tcheck != 0)
{cout << "I think you might be cheating. Let the time server sync and then we'll talk.";}
cin.get();
return 0;
}
My problem is the following. The key must be inaccessible to a user with sudo privileges (with only the executable in hand), but it would be relatively easy for such a user to simply remove /bin/ntpd and replace it with a dummy program which returned 0 when called, thereby circumventing the time tampering protection.
I considered using a checksum to ensure the program's validity, but discarded this based on the fact that an update to the ntp package in the interim might also change ntpd and render the key inaccessible. I also cannot call for a checksum for ntpd from the package manager, because the code must be portable across multiple distributions.
Do you all have any ideas for how else to go about ensuring the validity of the program (or completely different methods to accomplish the same result)?
PS: Before you mention it, I do plan to obfuscate the source to avoid a decompiler exploit, so that's not going to be an issue.
