Bugtraq mailing list archives

Re: stored credentials was: Netscape 4.5 vulnerability

From: Valdis.Kletnieks () VT EDU (Valdis.Kletnieks () VT EDU)
Date: Sun, 25 Apr 1999 04:00:02 -0400


On Fri, 23 Apr 1999 17:06:33 EDT, Jefferson Ogata <jogata () NODC NOAA GOV>  said:

What if the OS itself maintains a database of randomized encryption keys,
and allows access to a key only to a binary whose inode and filesystem
matches the one under which the key was stored. I'm being needlessly
specific here, but I lack the vocabulary to describe this in more general
terms.


1) This data must, itself, be stored someplace.  Where, and how?
Obviously, this needs encrypting too. What do you use for a key for THAT?
(Remember, the key has to survive a reboot).

2) Mapping it to inode/filesystem is a Bad Idea.
   2A) You upgrade the product, you lose.
   2B) You restore the filesystem from tape, you lose.
   2C) An attacker finds a way to grab that inode number for himself, you lose.

I won't even get into possible hassles here with symlink confusion,
NFS issues (remember, dickless clients DO exist), and other warts
that we have to deal with in the real world.

                                Valdis Kletnieks
                                Computer Systems Senior Engineer
                                Virginia Tech

Current thread:

Re: stored credentials was: Netscape 4.5 vulnerability Juha Jäykkä (Apr 23)
- <Possible follow-ups>
- Re: stored credentials was: Netscape 4.5 vulnerability Jefferson Ogata (Apr 23)
  - Re: stored credentials was: Netscape 4.5 vulnerability Valdis.Kletnieks () VT EDU (Apr 25)
- Re: stored credentials was: Netscape 4.5 vulnerability Jay R. Ashworth (Apr 24)