
List:       kde-devel
Subject:    Re: Storing passwords
From:       Kuba Ober <kuba () mareimbrium ! org>
Date:       2003-05-29 12:47:56


> > > Now there also has to be a way to limit the applications that
> > > shouldn't have access to the passwords from querying them.  Probably an
> > > md5sum check against the binary calling the service and the one that
> > > stored the info. If the binary has changed don't return the password
> > > string.  A better
> >
> >    I think this is a lost cause.  There is no sane way to protect against
> > this, and if you're worried about some rogue application getting
> > passwords, you should also be worried about it intercepting your traffic
> > before it is even encrypted.
>
> I don't know about this being my concern, my main concern is that only
> services run by the same user would be able to connect to that password
> store.  The problem is under Linux and probably all UNIX variants, there is
> no login level id.  So your id is the same on the first login or the 100th
> login.  So if someone were able to come in as you, they could start a
> process to pull your passwords from your wallet.  This would be of greater
> concern to me than them simply running the same application and having the
> application use my wallet.

There's no helping that. If somebody is able to come in as you, they can do
"rm ~ -rf" and unless you have backups, you're in deep trouble anyway. That's 
what screen lockers are for.

There's no way to really keep things secure if somebody has the ability to 
physically tamper with your box.

And unless you're running some cron jobs, it's a simple matter to put 
something in your X login script to kill all other processes under your user 
id.

Most unices under which KDE runs don't implement mandatory access control (or 
an equivalent of it), and that's essentially what you'd need in the kernel to 
prevent what you're afraid of. There's no useful way to do it in the 
userspace, and any half-baked solution is only a waste of time. It would be a 
good point to implement MAC for kwallet services on platforms that do support 
it, though. Maybe even for some MAC patches for the Linux kernel (I have no clue 
about their state and popularity, though).

Cheers, Kuba Ober
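
What a userspace password store can check about its caller, as an added example that is not part of the original message or of KWallet's code: on Linux, SO_PEERCRED gives the store the connecting process's pid, uid and gid, so "same user only" is enforceable, but any second process under that uid passes the same check, which is the limit discussed in the thread. The socket name `wallet.sock` and all function names are assumptions for illustration.

```python
import os
import socket
import struct
import tempfile


def peer_credentials(conn):
    """(pid, uid, gid) of the peer, as recorded by the kernel at connect()."""
    raw = conn.getsockopt(socket.SOL_SOCKET, socket.SO_PEERCRED, struct.calcsize("3i"))
    return struct.unpack("3i", raw)


def same_user(conn, owner_uid):
    """The caller check the kernel vouches for here: the peer's uid."""
    _pid, uid, _gid = peer_credentials(conn)
    return uid == owner_uid


def run_demo():
    """Let a second process of the same user connect; report what the store sees."""
    with tempfile.TemporaryDirectory() as tmp:   # mode 0700 directory holds the socket
        path = os.path.join(tmp, "wallet.sock")  # hypothetical socket name
        srv = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
        srv.bind(path)
        srv.listen(1)
        srv.settimeout(5)
        child = os.fork()
        if child == 0:  # stands in for any other program running under this uid
            try:
                c = socket.socket(socket.AF_UNIX, socket.SOCK_STREAM)
                c.connect(path)
                c.recv(1)  # block until the store closes the connection
            finally:
                os._exit(0)
        conn, _ = srv.accept()
        pid, uid, _gid = peer_credentials(conn)
        seen = {
            "peer_is_other_process": pid == child and pid != os.getpid(),
            "peer_uid": uid,
            "passes_owner_check": same_user(conn, os.getuid()),
            "passes_as_other_uid": same_user(conn, os.getuid() + 1),
        }
        conn.close()
        srv.close()
        os.waitpid(child, 0)
        return seen


if __name__ == "__main__":
    print(run_demo())
```

The uid comparison is the part the kernel backs; telling one same-uid program from another is where mandatory access control would have to come in.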