
Re: mutt/580: mutt stores PGP passphrase insecurely



The following reply was made to PR mutt/580; it has been noted by GNATS.

From: Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
To: bug-any@xxxxxxxxxxxxx
Cc: Mutt Developers <mutt-dev@xxxxxxxx>, 96144@xxxxxxxxxxxxxxx
Subject: Re: mutt/580: mutt stores PGP passphrase insecurely
Date: Fri, 7 Oct 2005 14:42:51 +0200

 On 2005-10-07 04:35:02 +0200, Derek Martin wrote:
 
 >  Er, well, come on...  just because Mutt *can* use an auxiliary
 >  program to handle encryption passphrases securely doesn't mean
 >  mutt itself should completely ignore the issue.  As shipped,
 >  mutt is vulnerable.
 
 >  Admittedly this is not a severe issue, but it is a legitimate
 >  security concern.  I think this really ought to be re-opened.
 
 I disagree, unless someone can actually demonstrate (a) a realistic
 attack model against which mutt is vulnerable, and (b) a defense
 against this attack model that could be implemented.
 
 Hint: Encrypting the pass phrase with a symmetric key that is kept
 in memory is *not* a solution to an attack that is based on reading
 the pass phrase from memory, since the attack is now shifted to the
 equivalently complex reading of the symmetric key from memory.
 
 -- 
 Thomas Roessler · Personal soap box at <http://log.does-not-exist.org/>.
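The "Hint" in the reply above can be made concrete. The following C program is an added example, not code from the thread or from mutt: it models a hypothetical mail client that keeps the pass phrase XOR-encrypted under a symmetric key held in the same process, then models the attacker of the thread's model (one who can read process memory, via ptrace, /proc/PID/mem, a core file or swap) as a raw byte copy of that region. The struct layout, the sample pass phrase and the key are all constructed for the example; the attacker is assumed to know the layout because the binary is public.

```c
#include <stddef.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

#define PASS_MAX 64

/* In-process secret store of a hypothetical mail client (constructed for
 * this example; not mutt's data structures). The proposed "mitigation"
 * keeps the pass phrase XOR-encrypted under a symmetric key that is
 * itself resident in the same process. */
struct secret_store {
    uint8_t key[PASS_MAX];      /* symmetric key, kept in memory */
    uint8_t enc_pass[PASS_MAX]; /* pass phrase XOR key */
    size_t  len;                /* pass phrase length */
};

/* Encrypt the pass phrase under the in-memory key.
 * Returns 0 on success, -1 if the pass phrase does not fit. */
int store_passphrase(struct secret_store *s, const char *pass,
                     const uint8_t key[PASS_MAX])
{
    size_t n = strlen(pass);
    if (n > PASS_MAX)
        return -1;
    memset(s, 0, sizeof *s);
    memcpy(s->key, key, PASS_MAX);
    for (size_t i = 0; i < n; i++)
        s->enc_pass[i] = (uint8_t)pass[i] ^ s->key[i];
    s->len = n;
    return 0;
}

/* Attack model from the thread: an adversary who can read the process's
 * memory. That read is modelled here as a byte-for-byte copy of the
 * region holding the store. Returns bytes copied, 0 if the buffer is
 * too small. */
size_t attacker_read_memory(const struct secret_store *s,
                            uint8_t *dump, size_t dumplen)
{
    if (dumplen < sizeof *s)
        return 0;
    memcpy(dump, s, sizeof *s);
    return sizeof *s;
}

/* From the dump alone the attacker recovers the pass phrase: the key sits
 * next to the ciphertext, so "decrypting" costs exactly the memory read
 * that would have exposed a plaintext pass phrase. Returns the pass
 * phrase length, or -1 if the dump or output buffer is too short. */
int recover_from_dump(const uint8_t *dump, size_t dumplen,
                      char *out, size_t outlen)
{
    struct secret_store s;
    if (dumplen < sizeof s)
        return -1;
    memcpy(&s, dump, sizeof s);
    if (s.len > PASS_MAX || s.len + 1 > outlen)
        return -1;
    for (size_t i = 0; i < s.len; i++)
        out[i] = (char)(s.enc_pass[i] ^ s.key[i]);
    out[s.len] = '\0';
    return (int)s.len;
}

/* End-to-end: store `pass` under a constructed throwaway key, let the
 * attacker read memory, and report 1 if the pass phrase was recovered
 * exactly, 0 otherwise. */
int attack_recovers_passphrase(const char *pass)
{
    uint8_t key[PASS_MAX];
    for (size_t i = 0; i < PASS_MAX; i++)
        key[i] = (uint8_t)(0x5a + 7 * i);   /* constructed sample key */

    struct secret_store store;
    if (store_passphrase(&store, pass, key) != 0)
        return 0;

    uint8_t dump[sizeof store];
    if (attacker_read_memory(&store, dump, sizeof dump) != sizeof store)
        return 0;

    char recovered[PASS_MAX + 1];
    if (recover_from_dump(dump, sizeof dump, recovered, sizeof recovered) < 0)
        return 0;
    return strcmp(recovered, pass) == 0;
}

int main(void)
{
    const char *pass = "correct horse battery staple"; /* constructed sample */
    int hit = attack_recovers_passphrase(pass);
    printf("attacker recovered pass phrase from memory dump: %s\n",
           hit ? "yes" : "no");
    return hit ? 0 : 1;
}
```

The decryption step in `recover_from_dump` is the whole of Roessler's point: it adds no work for the attacker beyond the memory read that the scheme was meant to defend against, because the key and the ciphertext live in the same address space the attacker already holds.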