<<< Date Index >>>     <<< Thread Index >>>

Re: mutt/580: mutt stores PGP passphrase insecurely



On Mon, Oct 24, 2005 at 12:15:32PM -0400, Derek Martin wrote:

> Note that this also assumes that the user does not allow mutt to
> remember the passphrase, and that mutt erases the data from memory
> when it "forgets" the passphrase.  Otherwise an attacker with root
> could obtain it from mutt's image in memory...

If I was an attacker, and I had root on a box where you were decrypting
messages, there are *much* easier methods to get your passphrase than taking
them from memory or swap.

For example, you can start with using backdoored copies of mutt, gpg, or the
ssh daemon, which record keystrokes to a file for me to look at later.

Then you can get *really* inventive. ;-)

Seriously, I think trying to protect a password against an attacker who has
root is pretty much a waste of effort.

-- 
Paul

Attachment: signature.asc
Description: Digital signature