<<< Date Index >>>     <<< Thread Index >>>

Re: mutt and plaintext passwords : muttrc encryption ?



On 29 Jul 2008 18:14 -0400, by invalid@xxxxxxxxxxxxxx (Derek Martin):
> The risk here is tiny, but non-zero.  Someone would have to be able to
> gain root priviledges to read the raw swap device to get your

That's where (on Linux, at least) encrypted swap partitions come in
handy. You can set it up to use a random key (different on each boot),
meaning that once the system is shut down, what is left on the swap
partition is no more useful to anyone than the contents of the RAM
chips. Yes, there is still a certain risk involved, but it is much
smaller even if the system gets stolen.

The biggest problem would probably be to protect a running mutt
session on a running system from exploits that give a process
unfettered memory read access. As far as I can think of, that is
basically impossible to completely guarantee against. You can minimize
the risk, but you cannot eliminate it.

One solution that I guess would be workable would be a dm-crypt/LUKS
encrypted USB memory stick holding the sensitive part of the O.P.'s
muttrc, and source this from within ~/.muttrc. This USB memory stick
can be mounted read only under normal use and in fact should only need
to be mounted when mutt is actually being started, and can be kept in
a safe place otherwise. I do pretty much this with a KeePassX database
key file to provide a two-tier authentication mechanism.

But even that doesn't protect a running mutt from a direct attack by a
process with the ability to read mutt's memory.

-- 
Michael Kjörling .. michael@xxxxxxxxxxx .. http://michael.kjorling.se
* ..... No bird soars too high if he soars with his own wings ..... *
* ENCRYPTED email preferred -- OpenPGP key ID: 0x 758F8749 BDE9ADA6 *
* ASCII Ribbon Campaign: Against HTML mail, proprietary attachments *

Attachment: signature.asc
Description: Digital signature