LD_PRELOAD attack

Faramir faramir.cl at gmail.com
Thu Jun 12 02:11:36 CEST 2008



michael graffam wrote:

>>     Or turn on typescript by default.
> 
> 
> Doesn't save GPG passphrases.

  Is typescript some sort of keylogger? If it is, I don't see any reason
why a keylogger can't catch the gpg passphrase (warning: there may be a
very good reason for that, it is me the one that doesn't see it).

>     Or load a kernel module that changes the meaning of system calls.  Or
>     replace the rng with one that isn't random.  Or, or, or.
> 
> 
> Root, root, root.

  Am I right when I think root is like "admin" in windows (not exactly
the same, but the same idea?) Is LD_PRELOAD a concern for windows users?
(I figure it is, since, as far as I understood, the reason to use
LD_PRELOAD is for portability of code)

>>      Having GPG do some extra checks doesn't
>>     really help, because the attacker can simply arrange for these extra
>>     checks to appear to succeed, or just replace GPG altogether so they
>>     don't run.

       But maybe it would help if GPG was not in the computer when the
attacker had access to it. But anyway, maybe there is a lot of other
nasty things that can be crawling in the computer, if somebody had
access to it...


> Sure, it's true.. and if your threat model includes shotgun-carrying
> assailants or hostile root users, it's entirely valid.

  In fact, there is no need of shotguns, my house door was broken by the
simple method of kicking it near the lock. The door itself resisted, but
the countersheet got broken (after many translation attempts, I am not
sure if I got the right word for the broken thing).
  But what do I mean? Maybe there is a simple way to solve the "locked
door" problem. It is just that since we are not the kind of people that
use to break through locked doors, we don't know those ways to do it.


> But what about just some basic hygiene to keep honest people honest?
> Hell, that's what most REAL locks are for, anyhow.

  I think we use locks to discourage dishonest people from trying to
break in... we know we can't really prevent an attack, but the harder
it is for them to succeed, the less likely it is they will attempt an
attack.

  So, if there is a way to increase security, I, as end user, would
welcome it. But we need to always keep in mind security is never
absolute. The only secure computer is the one stored inside a safe.
