Re: [Mutt] #580: mutt stores PGP passphrase insecurely
- To: md@xxxxxxxx, arturcz@xxxxxxx, brendan@xxxxxxxxxx, brian@xxxxxxxxxxxxx, invalid@xxxxxxxxxxxxxx, ttakah@xxxxxxxxxxxxxxxxx, roessler@xxxxxxxxxxxxxxxxxx, wk@xxxxxxxxx, antonio@xxxxxxxx, paul@xxxxxxxxxxxxxxx, pdmef@xxxxxxx
- Subject: Re: [Mutt] #580: mutt stores PGP passphrase insecurely
- From: Mutt <fleas@xxxxxxxx>
- Date: Tue, 30 Jun 2009 14:38:46 -0000
- Auto-submitted: auto-generated
- Cc: mutt-dev@xxxxxxxx, 96144@xxxxxxxxxxxxxxx
- In-reply-to: <058.5fa77f122be3996dabecb666b4de6ee9@xxxxxxxx>
- Mail-followup-to: fleas@xxxxxxxx
- References: <058.5fa77f122be3996dabecb666b4de6ee9@xxxxxxxx>
- Reply-to: fleas@xxxxxxxx
#580: mutt stores PGP passphrase insecurely
-----------------------------------------+----------------------------------
Reporter: Marco d'Itri <md@xxxxxxxx> | Owner: mutt-dev
Type: defect | Status: reopened
Priority: trivial | Milestone:
Component: crypto | Version: 1.5.19
Resolution: | Keywords:
-----------------------------------------+----------------------------------
Changes (by pdmef):
* component: mutt => crypto
Old description:
> {{{
> Package: mutt
> Version: 1.3.15-2
>
> [NOTE: this bug report has been submitted to the debian BTS as Bug#96144.
> Please Cc all your replies to 96144@xxxxxxxxxxxxxxxx]
>
> From: Brian Ristuccia <brian@xxxxxxxxxxxxx>
> Subject: mutt stores PGP passphrase insecurely
> Date: Thu, 3 May 2001 01:44:50 -0400
>
> When caching passphrases, mutt uses memory that's not locked. The passphrase
> can be recovered if that part of mutt's address space is swapped to disk. In
> order for the secret key to remain secure in the event that the machine is
> lost or stolen, the memory area occupied by the passphrase must be locked to
> prevent the swap file from being contaminated with the passphrase. Note that
> mutt zeros out the passphrase when it times out, but there's no guarantee
> that any old blocks on the swap space will be overwritten before the machine
> is shut down or stolen. This issue is of particular importance with laptop
> computers, since PGP encryption is the only thing standing between an
> unauthorized reader and your email should the machine get stolen.
>
> Since Linux 2.2.x and 2.4.x don't seem to allow ordinary users to lock even
> small amounts of memory, one potential solution would be to have mutt
> executed by a wrapper program that passes it a locked shared memory segment
> just big enough to hold the passphrase. Swap over an encrypted loopback
> filesystem initialized with a throwaway key at each reboot is a workaround.
> But using an encrypted loopback filesystem is computationally intensive and
> might drain batteries prematurely, especially on smaller laptops. A kernel
> level swap cleaner daemon that overwrites recently freed swap blocks would
> also work, but with a similar battery life penalty.
>
> --
> Brian Ristuccia
> brian@xxxxxxxxxxxxx
> bristucc@xxxxxxxxxx
>
>
> >How-To-Repeat:
> >Fix:
> }}}
New description:
{{{
Package: mutt
Version: 1.3.15-2
[NOTE: this bug report has been submitted to the debian BTS as Bug#96144.
Please Cc all your replies to 96144@xxxxxxxxxxxxxxxx]
From: Brian Ristuccia <brian@xxxxxxxxxxxxx>
Subject: mutt stores PGP passphrase insecurely
Date: Thu, 3 May 2001 01:44:50 -0400
When caching passphrases, mutt uses memory that's not locked. The passphrase
can be recovered if that part of mutt's address space is swapped to disk. In
order for the secret key to remain secure in the event that the machine is
lost or stolen, the memory area occupied by the passphrase must be locked to
prevent the swap file from being contaminated with the passphrase. Note that
mutt zeros out the passphrase when it times out, but there's no guarantee
that any old blocks on the swap space will be overwritten before the machine
is shut down or stolen. This issue is of particular importance with laptop
computers, since PGP encryption is the only thing standing between an
unauthorized reader and your email should the machine get stolen.

Since Linux 2.2.x and 2.4.x don't seem to allow ordinary users to lock even
small amounts of memory, one potential solution would be to have mutt
executed by a wrapper program that passes it a locked shared memory segment
just big enough to hold the passphrase. Swap over an encrypted loopback
filesystem initialized with a throwaway key at each reboot is a workaround.
But using an encrypted loopback filesystem is computationally intensive and
might drain batteries prematurely, especially on smaller laptops. A kernel
level swap cleaner daemon that overwrites recently freed swap blocks would
also work, but with a similar battery life penalty.
--
Brian Ristuccia
brian@xxxxxxxxxxxxx
bristucc@xxxxxxxxxx
>How-To-Repeat:
>Fix:
}}}
--
Ticket URL: <http://dev.mutt.org/trac/ticket/580#comment:18>
Mutt <http://www.mutt.org/>
The Mutt mail user agent
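The mitigation the report asks for, as an added example in C that is not mutt's own code: a page-aligned buffer for the cached passphrase that is mlock()ed so the kernel cannot write it to swap, and that is zeroed through a volatile pointer before the memory is released. The type and function names (secbuf_t, secbuf_alloc, secbuf_store, secbuf_free, secbuf_selfcheck) and the passphrase string are constructed for this example.

```c
#define _POSIX_C_SOURCE 200809L   /* posix_memalign(), mlock(), sysconf() */
#include <stdlib.h>
#include <string.h>
#include <unistd.h>
#include <sys/mman.h>
/* Added example, not mutt's code: a page-aligned, mlock()ed buffer for a cached
 * passphrase so the kernel cannot page it out to swap, wiped before release.
 * `locked` records whether mlock() was refused (e.g. RLIMIT_MEMLOCK too low for
 * an unprivileged user) so the caller can decline to cache the passphrase. */
typedef struct { unsigned char *data; size_t size; int locked; } secbuf_t;
void secure_wipe(void *p, size_t n) {  /* volatile so the stores are not dropped */
    volatile unsigned char *vp = p;
    while (n--) *vp++ = 0;
}
int secbuf_alloc(secbuf_t *sb, size_t want) {      /* 0 on success, -1 on OOM */
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    void *mem = NULL;
    sb->size = ((want + page - 1) / page) * page;  /* round up to whole pages */
    if (posix_memalign(&mem, page, sb->size) != 0) return -1;
    sb->data = mem; sb->locked = (mlock(mem, sb->size) == 0);
    return 0;
}

int secbuf_store(secbuf_t *sb, const char *pass) { /* -1 if it does not fit */
    size_t len = strlen(pass);
    if (len + 1 > sb->size) return -1;
    memcpy(sb->data, pass, len + 1);
    return 0;
}

int secbuf_is_zero(const secbuf_t *sb) {
    for (size_t i = 0; i < sb->size; i++) if (sb->data[i]) return 0;
    return 1;
}

void secbuf_free(secbuf_t *sb) {
    if (!sb->data) return;
    secure_wipe(sb->data, sb->size);               /* wipe before unlocking */
    if (sb->locked) munlock(sb->data, sb->size);
    free(sb->data); sb->data = NULL;
}
int secbuf_selfcheck(void) {  /* walks the lifecycle; 0 if every step is right */
    secbuf_t sb;
    if (secbuf_alloc(&sb, 256) != 0) return 1;
    if (secbuf_store(&sb, "constructed-passphrase") != 0) return 2;
    if (secbuf_is_zero(&sb)) return 3;             /* secret must be present */
    secure_wipe(sb.data, sb.size);
    int ok = secbuf_is_zero(&sb);
    secbuf_free(&sb);
    return ok ? 0 : 4;
}
```

A caller should check `locked` and refuse to cache when it is 0; unlike the 2.2/2.4 kernels in the report, current Linux grants unprivileged processes a small RLIMIT_MEMLOCK allowance (see `ulimit -l`) that easily covers one page for a passphrase.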