Storing keys under a different user...
thomas at northernsecurity.net
Wed Feb 11 23:27:43 CET 2004
-----BEGIN PGP SIGNED MESSAGE-----
On Wed, Feb 11, 2004 at 04:30:22PM -0500, Nicholas Paul Johnson wrote:
> Then, when user nick wants to do any gnupg operation, he would
> setuid(f(uid(nick))), read the key, restore user id, and procede.
How will the user be authenticated in this setup?
Lets say the the user Alice hasn't really grasp the concept of passwords
(she uses a weak one or writes it down and hides the note under her
keyboard or whatever) and a attacker is able to login as Alice. If i
haven't misunderstood your idea the attacker will then have access to
the keys, which means this setup doesn't really change anything from the
present setup (unless you got world rw-rights on you home and .gnupg
> This way, the key is secure, because no trojan running as a user would be
> able to read the key, unless it somehow had (A) compromized root, which is
> problem in itself, or (B) successfully logged in as nick_key, which is
> (theoretically) not going to happen either.
If one is to write a trojan to steal keys, i dont think the first
priority is to steal the actual keys but to insert a keylogger and thus
steal the password which is basically the only thing that protects your
keys if you've gotten into this situation.
== thomas at northernsecurity.net | thomas at se.linux.org
== Encrypted e-mails preferred | GPG KeyID: 114AA85C
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
-----END PGP SIGNATURE-----
More information about the Gnupg-users