Re: mutt/580: mutt stores PGP passphrase insecurely

To: Mutt Developers <mutt-dev@xxxxxxxx>, 96144@xxxxxxxxxxxxxxx
Subject: Re: mutt/580: mutt stores PGP passphrase insecurely
From: Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
Date: Fri, 07 Oct 2005 14:45:01 +0200
List-unsubscribe: <mailto:mutt-dev-request@mutt.org?body=unsubscribe>
References: <mutt-pr-580@xxxxxxxxxxxxx>
Reply-to: bug-any@xxxxxxxxxxxxx
Sender: owner-mutt-dev@xxxxxxxx

The following reply was made to PR mutt/580; it has been noted by GNATS.

From: Thomas Roessler <roessler@xxxxxxxxxxxxxxxxxx>
To: bug-any@xxxxxxxxxxxxx
Cc: Mutt Developers <mutt-dev@xxxxxxxx>, 96144@xxxxxxxxxxxxxxx
Subject: Re: mutt/580: mutt stores PGP passphrase insecurely
Date: Fri, 7 Oct 2005 14:42:51 +0200

 On 2005-10-07 04:35:02 +0200, Derek Martin wrote:

 >  Er, well, come on...  just because Mutt *can* use an auxiliary
 >  program to handle encryption passphrases securely doesn't mean
 >  mutt itself should completely ignore the issue.  As shipped,
 >  mutt is vulnerable.

 >  Admittedly this is not a severe issue, but it is a legitimate
 >  security concern.  I think this really ought to be re-opened.

 I disagree, unless someone can actually demonstrate (a) a realistic
 attack model against which mutt is vulnerable, and (b) a defense
 against this attack model that could be implemented.

 Hint: Encrypting the pass phrase with a symmetric key that is kept
 in memory is *not* a solution to an attack that is based on reading
 the pass phrase from memory, since the attack is now shifted to the
 equivalently complex reading of the symmetric key from memory.

 --=20
 Thomas Roessler =B7 Personal soap box at <http://log.does-not-exist.org/>.

Prev by Date: Re: mutt/580: mutt stores PGP passphrase insecurely
Next by Date: Re: mutt/2058: browser and account-hook are poorly documented
Previous by thread: Re: mutt/580: mutt stores PGP passphrase insecurely
Next by thread: Re: mutt/580: mutt stores PGP passphrase insecurely
Index(es):
- Date
- Thread