[prev in list] [next in list] [prev in thread] [next in thread]
List: apache-modssl
Subject: Re: Apache SSL Private Keys
From: Rich Salz <rsalz () zolera ! com>
Date: 2001-11-30 13:12:21
[Download RAW message or body]
> Therefore, the passphrase only protects the key if it is removed from your
> server, but as has been shown, being able to remove the key requires (or
> should require) root privileges. QED.
No, the passphrase protects the key during the time when root may have
access to the machine *any time your server isn't running.* That could
be during a forced reboot, down for backups or other maintenance, etc.
(In addition, most web servers run under a different ID, so the
adversary has twice TWO accounts to attack if it wants to look at a
coredump. :)
Anyone who has a machine under someone else's physical control (e.g.,
co-location service or corporate IT department) should use a passphrase
and forgo auto-reboot. Or make sure they realize the risks.
/r$
--
Zolera Systems, Securing web services (XML, SOAP, Signatures,
Encryption)
http://www.zolera.com
______________________________________________________________________
Apache Interface to OpenSSL (mod_ssl) www.modssl.org
User Support Mailing List modssl-users@modssl.org
Automated List Manager majordomo@modssl.org
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic