Bugtraq mailing list archives
Re: stored credentials was: Netscape 4.5 vulnerability
From: Valdis.Kletnieks () VT EDU (Valdis.Kletnieks () VT EDU)
Date: Sun, 25 Apr 1999 04:00:02 -0400
On Fri, 23 Apr 1999 17:06:33 EDT, Jefferson Ogata <jogata () NODC NOAA GOV> said:
What if the OS itself maintains a database of randomized encryption keys, and allows access to a key only to a binary whose inode and filesystem matches the one under which the key was stored. I'm being needlessly specific here, but I lack the vocabulary to describe this in more general terms.
1) This data must, itself, be stored someplace. Where, and how? Obviously, this needs encrypting too. What do you use for a key for THAT? (Remember, the key has to survive a reboot). 2) Mapping it to inode/filesystem is a Bad Idea. 2A) You upgrade the product, you lose. 2B) You restore the filesystem from tape, you lose. 2C) An attacker finds a way to grab that inode number for himself, you lose. I won't even get into possible hassles here with symlink confusion, NFS issues (remember, dickless clients DO exist), and other warts that we have to deal with in the real world. Valdis Kletnieks Computer Systems Senior Engineer Virginia Tech
Current thread:
- Re: stored credentials was: Netscape 4.5 vulnerability Juha Jäykkä (Apr 23)
- <Possible follow-ups>
- Re: stored credentials was: Netscape 4.5 vulnerability Jefferson Ogata (Apr 23)
- Re: stored credentials was: Netscape 4.5 vulnerability Valdis.Kletnieks () VT EDU (Apr 25)
- Re: stored credentials was: Netscape 4.5 vulnerability Jay R. Ashworth (Apr 24)