danger of decrypted files without integrity protection
Bernhard Reiter
bernhard at intevation.de
Thu May 17 10:26:09 CEST 2018
Pondering how dangerous manipulated decrypted files are,
I've done the following experiment on a GNU system:

    echo "File loading external references? Yes, if you can see the following image: <img src=https://gnupg.org/share/logo-gnupg-light-purple-bg.png />" >test.html
    firefox test.html
    chromium test.html

both times the image was shown.

    dpkg -s firefox-esr chromium | grep Version
    Version: 52.8.0esr-1~deb9u1
    Version: 66.0.3359.117-1~deb9u1

Even if the originally encrypted file was something else,
it could be wrapped into html by an attacker
and even if the browser's SOP would not allow loading external
references listed in a local file by default, you could additionally
try adding one of the https://en.wikipedia.org/wiki/Same-origin_policy#Relaxing_the_same-origin_policy
methods that work on a local file.

Seems decrypted files that had no integrity protection are
dangerous because they could be manipulated to send decrypted
plaintext anywhere once the user opens them.

Best Regards,
Bernhard
--
www.intevation.de/~bernhard +49 541 33 508 3-3
Intevation GmbH, Osnabrück, DE; Amtsgericht Osnabrück, HRB 18998
Geschäftsführer Frank Koormann, Bernhard Reiter, Dr. Jan-Oliver Wagner
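
A defensive gate for the situation described in the message above, as an added example that is not part of the original post or of GnuPG's own code: it keeps decrypted output away from any viewer unless gpg's status channel reports a verified integrity check. The function names and the sample status transcripts are constructed for illustration; the status keywords (GOODMDC, BADMDC, DECRYPTION_OKAY, DECRYPTION_FAILED) are GnuPG's.

```python
# Added example (not from the original post): release plaintext only when
# GnuPG reports a verified integrity check on its machine-readable status channel.
import subprocess

PREFIX = "[GNUPG:] "

# Constructed status transcripts, not captured from a real run.
SAMPLE_PROTECTED = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1526545569 test.html
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] GOODMDC
[GNUPG:] END_DECRYPTION"""
SAMPLE_UNPROTECTED = """gpg: WARNING: message was not integrity protected
[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1526545569 test.html
[GNUPG:] DECRYPTION_OKAY
[GNUPG:] END_DECRYPTION"""
SAMPLE_TAMPERED = """[GNUPG:] BEGIN_DECRYPTION
[GNUPG:] PLAINTEXT 62 1526545569 test.html
[GNUPG:] BADMDC
[GNUPG:] DECRYPTION_FAILED
[GNUPG:] END_DECRYPTION"""

def integrity_verdict(status_text):
    """Return (ok, reason) for the text gpg wrote to --status-fd."""
    seen = {line[len(PREFIX):].split(" ", 1)[0]
            for line in status_text.splitlines() if line.startswith(PREFIX)}
    if "BADMDC" in seen:
        return False, "BADMDC: ciphertext was modified"
    if "DECRYPTION_FAILED" in seen:
        return False, "DECRYPTION_FAILED reported"
    if "GOODMDC" not in seen:
        return False, "no GOODMDC: plaintext has no verified integrity protection"
    if "DECRYPTION_OKAY" not in seen:
        return False, "no DECRYPTION_OKAY reported"
    return True, "decrypted and integrity verified"

def decrypt_checked(ciphertext_path, output_path):
    """Decrypt into memory; write output_path only when the verdict is good."""
    proc = subprocess.run(
        ["gpg", "--batch", "--status-fd", "2", "--decrypt", ciphertext_path],
        stdout=subprocess.PIPE, stderr=subprocess.PIPE)
    ok, reason = integrity_verdict(proc.stderr.decode("utf-8", "replace"))
    if ok and proc.returncode == 0:
        with open(output_path, "wb") as out:
            out.write(proc.stdout)
        return True, reason
    return False, (reason if not ok else "gpg exit status %d" % proc.returncode)
```

The gate buffers the plaintext and judges the whole status transcript, so it treats a message with several encrypted parts as one unit and rejects it if any part lacks a good check.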