Access experimental subpackets of 'User Attribute Packet'

Eric erpo41 at hotpop.com
Mon Aug 15 04:06:02 CEST 2005


On Fri, 2005-08-12 at 10:51 -0700, vedaal at hush.com wrote:
> David Srbecky dsrbecky at gmail.com 
> Thu Aug 11 18:19:54 CEST 2005 wrote:
> 
> ] I have payed with the idea of using experimental subpackets
> ] of 'User Attribute Packet' and here is what I came up with:

> doesn't this pose some risk of exploit ?
> 
> suppose someone wants to put a malicious executable
> as part of the packet,
> and gives it some interesting name,

> is there anything in gnupg that would prevent the running of the 
> executable?
> (i.e. is the key just 'ignored' or 'refused'
> as 'key with unsupported packet type' ?
> 
> and can this protect against some type of malware corrupting the 
> system,
> just by getting gnupg to 'check' the packet ?)

1. GPG doesn't have any reason to be more vulnerable to this type of
"attack" than any other piece ef software.

It doesn't matter what you put in a supposed pgp public key block and
send to gpg -- gpg should not execute anything inside of it. If gpg does
execute machine code that's been passed to it in a file, it's a bug in
gpg. There may or may not be an undiscovered bug of this type in the
subpacket processing code in gpg.

Perhaps the reason you are concerned about this type of problem is that
you are used to hearing about "code that executes when you view a
malicious Word document" or "a worm that takes over your computer when
you view a specially crafted email using Outlook". Issues like those are
the result of poor application design. In other words, there is nothing
inherent about computers or computer programs that creates an
unavoidable progression from viewing or malipulating something to
executing it.


Eric





More information about the Gnupg-users mailing list