
Re: mutt/580: mutt stores PGP passphrase insecurely



On Fri, Sep 22, 2006 at 01:21:19PM +0100, Paul Walker wrote:
> On Thu, Sep 21, 2006 at 06:50:06PM -0400, David Shaw wrote:
> 
> > At least on Linux, mutt can do the right thing with storing
> > passphrases securely.  This may be true on other systems as well, but
> > I can only say for sure about Linux,
> 
> A quick experiment seems to show that's true. The attached patch seems to
> work for me (in the sense of "no errors returned", rather than
> actually checking the contents of swapfiles).
> 
> It doesn't do anything except log a debug message if it can't lock/unlock
> memory, which to me seems harmless but it's possible other systems might
> take exception to a non-root process trying to mlock. Could people using
> *BSD, Solaris etc. test this out please?

For portability, it might be good to make the address being locked
land on a page boundary as the POSIX spec for mlock allows this to be
an optional requirement.  Linux doesn't require this (actually it
internally transforms the lock to be on a page boundary), but it might
be needed on other systems.  On those systems mlock would fail and set
errno to EINVAL if the address isn't on a boundary.

David
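
The page-boundary rounding suggested in the reply above, as an added example that is not part of the original message or of the attached patch. `page_span` and `secret_pages` are hypothetical names, and the passphrase buffer is a constructed stand-in.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

/* Widen [addr, addr+len) to whole pages: the start is rounded down to a
 * page boundary and the end is rounded up, so every byte stays covered.
 * pagesize must be a power of two. */
static void page_span(uintptr_t addr, size_t len, size_t pagesize,
                      uintptr_t *start, size_t *span)
{
    uintptr_t mask = (uintptr_t)pagesize - 1;
    uintptr_t end = (addr + len + mask) & ~mask;   /* round end up */
    *start = addr & ~mask;                         /* round start down */
    *span = (size_t)(end - *start);
}

/* Hypothetical helper (not mutt's code): lock (lock != 0) or unlock the
 * pages holding buf. Returns 0 on success, -1 with errno set, e.g. when a
 * non-root process exceeds RLIMIT_MEMLOCK. Locks do not nest: unlocking a
 * page also unlocks any other secret that shares it. */
static int secret_pages(const void *buf, size_t len, int lock)
{
    long ps = sysconf(_SC_PAGESIZE);
    uintptr_t start;
    size_t span;

    if (ps <= 0 || len == 0) {
        errno = EINVAL;
        return -1;
    }
    page_span((uintptr_t)buf, len, (size_t)ps, &start, &span);
    return lock ? mlock((void *)start, span) : munlock((void *)start, span);
}

int main(void)
{
    static char passphrase[128];   /* constructed stand-in buffer */

    if (secret_pages(passphrase, sizeof passphrase, 1) != 0)
        fprintf(stderr, "mlock: %s\n", strerror(errno)); /* log, carry on */
    else if (secret_pages(passphrase, sizeof passphrase, 0) != 0)
        fprintf(stderr, "munlock: %s\n", strerror(errno));
    return 0;
}
```

Because the range is aligned before the call, a system that enforces the optional POSIX alignment requirement has no reason to return EINVAL for it.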
