lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-ID: <1103869824.29362.370.camel@daemon.nmrc.org>
Date: Fri, 24 Dec 2004 00:30:24 -0600
From: Simple Nomad <thegnome@...c.org>
To: "Thomas C. Greene" <thomas.greene@...register.co.uk>
Cc: bugtraq@...urityfocus.com
Subject: Re: Inexcusable weakness in Kmail / GnuPG

<snip>

> So i compose my reply, and i'm just about to click the Send button, when i 
> notice, quite by chance, that the reply is *not* encrypted by default, and i 
> am not warned about this fact.  My reply, and my entire past exchange with 
> the source, is about to go out in fscking clear text!  

Most if not all mailers are affected by certain bugs related to this. It
"forgets" the passphrase, but does it free the variable? Does it wipe
the variable with 0's or random data as soon as it is done with the
passphrase, assuming it is supposed to forget it? Does it page to swap?
Can this be prevented by running as root, which can do an mlockall()? Is
the binary suid root to allow non-root users to mlockall()? Are
privileges dropped? Is running suid root the best way to solve this
problem? Is a temp file used to create the encrypted message? Is the
temp file securely wiped? Where is the temp file written? Can simply
encrypting/decrypting by hand and importing/exporting/cutting/pasting
into the mail program an easier way to solve this for paranoid users?

Most mailers fail one or more of these tests. If this hasn't been
discussed, it should be, but it should also be discussed in the context
of whether the system running GPG is secure or not, and how hard would
it be to exploit the bugs. If someone can access your swap, you have all
kinds of problems, not just the possible passphrase recovery from the
swap itself.

As far as the functional bugs as stated below in mailers, I'm sure there
are others as I have seen this type of bug before -- where you are
allowed to sent email unencrypted when you think it is encrypted --
although for the life of me I cannot remember the mail program. IIRC I
did report the error to the mailer's authors, but switched mailers. I
recommend either contacting the authors, writing a patch, or switching
mail programs.

-- 
- Simple Nomad ---- thegnome@...c.org ---- thegnome@...or.bindview.com -
- "Patriotism means to stand by the country. It does not mean to stand -
- by the President or any other public official." - Theodore Roosevelt -

Download attachment "signature.asc" of type "application/pgp-signature" (190 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ