LD_PRELOAD attack
michael graffam
michael.graffam at gmail.com
Wed Jun 11 16:43:02 CEST 2008
Has anyone read the article in the most recent 2600 regarding using
LD_PRELOAD to eavesdrop on gnupg?

I realize that the actual recovery of a passphrase by this means is no
better than a keylogger --

But what concerns me more (and isn't explicitly covered in the
article) is the ability to inject false randomness into GPG key
generation, or even change the plaintext going in.

I think the advice to statically link a strcmp and getenv into GPG for
purposes of checking/scrubbing the environment is a good one.

Sure - you have to trust the machine you're running on - but it seems
to me that a basic sanity check would be in order.

Thoughts?

-M
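
A sketch of the kind of environment check discussed in the message above, added here as an illustration; it is not GnuPG code and not from the poster. The function names and the list of glibc loader variables are assumptions of this example.

```c
extern char **environ;

/* Added illustration; function names are hypothetical, not GnuPG code.
   Local prefix compare: avoids strcmp/strncmp, which a preloaded
   library could interpose in a dynamically linked binary. */
static int has_prefix(const char *s, const char *prefix)
{
    while (*prefix)
        if (*s++ != *prefix++)
            return 0;
    return 1;
}

/* glibc loader variables that change what code is mapped into a process. */
static const char *const loader_vars[] = {
    "LD_PRELOAD=", "LD_LIBRARY_PATH=", "LD_AUDIT=", 0
};

static int is_loader_var(const char *entry)
{
    for (int i = 0; loader_vars[i]; i++)
        if (has_prefix(entry, loader_vars[i]))
            return 1;
    return 0;
}

/* Walk envp directly (no getenv call), drop loader variables in place,
   and return how many entries were removed. */
int scrub_loader_env(char **envp)
{
    int removed = 0;
    char **dst = envp;
    if (!envp)
        return 0;
    for (char **src = envp; *src; src++) {
        if (is_loader_var(*src))
            removed++;
        else
            *dst++ = *src;
    }
    *dst = 0;
    return removed;
}

int main(void)
{
    return scrub_loader_env(environ) > 0; /* nonzero exit if anything was set */
}
```

The dynamic loader has already acted on LD_PRELOAD before this code runs, and a preloaded constructor can hide the variable first, so a clean result is not proof of a clean process. The scrub mainly keeps the variables from being inherited by child processes.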