Re: Infrastructure report, 2008-08-22 UTC 1200

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Fri, Aug 22, 2008 at 4:54 PM, Michael J Gruber
<michaeljgruber+gmane@xxxxxxxxxxx> wrote:

>
> As Paul pointed out, the keys are different, and the Fedora key was not
> in use (no passphrase typed in) during the critical time frame.

Yep. Just wondering how the attacker retrieved the passphrase for Red Hat.

Looking at this paper[1], gpg is quite safe regarding its memory use
while processing
the passphrase. Except if you use a terminal that will intercept and
store the passphrase
somewhere in memory ;-)

Could be very interesting to know how the attacker was able to catch
the passphrase.
(maybe via a bash_history containing the passphrase typed in the shell
prompt ;-)

[1] http://philosecurity.org/pubs/davidoff-clearmem-linux.pdf

> Funny
> thing is:
>
> - Fedora's key will be changed, not RHEL's, which has been compromised.
> - High security private keys are best kept in bare metal and used on
> boxes without incoming network. This doesn't seem to apply to the
> package signing keys.

This is a very good point. Signing key should be done on a dedicated
system where
there is no permanent network connectivity.  Maybe that could be a
good enhancement
for the future ;-)

Thanks for the feedback,

adulau

-- 
-- Alexandre Dulaunoy (adulau) -- http://www.foo.be/
-- http://www.foo.be/cgi-bin/wiki.pl/Diary
-- "Knowledge can create problems, it is not through ignorance
-- that we can solve them" Isaac Asimov

-- 
fedora-list mailing list
fedora-list@xxxxxxxxxx
To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list

[Index of Archives]     [Current Fedora Users]     [Fedora Desktop]     [Fedora SELinux]     [Yosemite News]     [Yosemite Photos]     [KDE Users]     [Fedora Tools]     [Fedora Docs]

  Powered by Linux