Re: [Keyrings] Re: [PATCH 01/04] Add multi-precision-integer maths library

On Sat, 2006-01-28 at 11:46 +0100, David Härdeman wrote:

> Not necessarily, if you have your ssh-keys in ssh-agent, a compromise of 
> your account (forgot to lock the screen while going to the bathroom? 
> did the OOM-condition occur which killed the program which locks the
> screen? remote compromise of the system? local compromise?) means that a large 
> array of attacks are possible against the daemon.
> 
> In addition, as stated before, the "backup" account, or whatever user the 
> daemon which wants to sign stuff with your key is running as, might be 
> compromised.
> 
> Currently, if you want to give the daemon access to the keys via 
> ssh-agent (or something similar), you have to change the permissions on 
> the ssh-agent socket to be much less restricted (especially since it's 
> unlikely that you have permission to change the uid or gid of the socket 
> to that of the daemon). Alternatively you can provide the backup daemon 
> with the key directly (via fs, or loaded somehow at startup...etc), but 
> then a compromise of the daemon means that the attacker has the private 
> key.
> 
> Finally, the in-kernel system also provides a mechanism for the daemon 
> to request the key when it is needed should it realize that the proper 
> key is missing/has changed/whatever.

Then fix ssh, not the kernel. As I said before, this is a problem that
has been solved entirely in userspace by means of proxy certificates:
they allow the user to issue time-limited certificates that are signed
by the original certificate (hence can be authenticated as such), and
that authorise a service to do a specific thing.

Cheers,
  Trond

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

---

• Follow-Ups:
  • Re: [Keyrings] Re: [PATCH 01/04] Add multi-precision-integer maths library
    • From: David Härdeman <[email protected]>

• References:
  • Re: [PATCH 01/04] Add multi-precision-integer maths library
    • From: Christoph Hellwig <[email protected]>
  • [PATCH 00/04] Add DSA key type
    • From: David Härdeman <[email protected]>
  • [PATCH 01/04] Add multi-precision-integer maths library
    • From: David Härdeman <[email protected]>
  • Re: [PATCH 01/04] Add multi-precision-integer maths library
    • From: David Howells <[email protected]>
  • Re: [PATCH 01/04] Add multi-precision-integer maths library
    • From: David Härdeman <[email protected]>
  • Re: [PATCH 01/04] Add multi-precision-integer maths library
    • From: Adrian Bunk <[email protected]>
  • Re: [PATCH 01/04] Add multi-precision-integer maths library
    • From: David Härdeman <[email protected]>

• Prev by Date: Re: Suspend to RAM: help with whitelist wanted
• Next by Date: Re: [patch 3/9] mempool - Make mempools NUMA aware
• Previous by thread: Re: [PATCH 01/04] Add multi-precision-integer maths library
• Next by thread: Re: [Keyrings] Re: [PATCH 01/04] Add multi-precision-integer maths library
• Index(es):
  • Date
  • Thread

[Index of Archives]     [Kernel Newbies]     [Netfilter]     [Bugtraq]     [Photo]     [Stuff]     [Gimp]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux RAID]     [Video 4 Linux]     [Linux for the blind]     [Linux Resources]