On Sun, Jan 29, 2006 at 11:38:22AM -0500, Trond Myklebust wrote:
On Sun, 2006-01-29 at 12:33 +0100, David Härdeman wrote:
Why would you want to use proxy certificates for you own use? Use your
own certificate for your own processes, and issue one or more proxy
certificates to any daemon that you want to authorise to do some limited
task.
I meant that you can't use proxy certs for your own use, so you still need
to store your own cert/key somehow...and I still believe that the kernel
keyring is the best place...
Agreed. Now, reread what I said above, and tell me why this is an
argument for doing dsa in the kernel?
If you agree that the kernel keyring is the best place, it shouldn't be
a big step to also agree that in-kernel signing is "good" since it
allows you to use the key while it makes it possible for the kernel to
refuse to divulge the private part...even to the user who added the key
(i.e. yourself)...
...and what does this statement about "keys being safer in the kernel"
mean?
swap-out to disk, ptrace, coredump all become non-issues. And in
combination with some other security features (such as disallowing
modules, read/write of /dev/mem + /dev/kmem, limited permissions via
SELinux, etc), it becomes pretty hard for the attacker to get your
private key even if he/she manages to get access to the root account.
Turning off coredump is trivial. All the features that LSM provide apply
to userland too (including security_ptrace()), so the SELinux policies
are not an argument for putting stuff in the kernel.
Only the swap-out to disk is an issue, and that is less of a worry if
you use a time-limited proxy in the daemon.
How do you use a "time-limited proxy in the daemon" for your own
keys/cerificates (e.g. ssh keys)?
Re,
David
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to [email protected]
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
[Index of Archives]
[Kernel Newbies]
[Netfilter]
[Bugtraq]
[Photo]
[Stuff]
[Gimp]
[Yosemite News]
[MIPS Linux]
[ARM Linux]
[Linux Security]
[Linux RAID]
[Video 4 Linux]
[Linux for the blind]
[Linux Resources]