Confirmation for cached passphrases useful?

Grant Olson kgo at
Thu Oct 14 22:31:09 CEST 2010

On 10/13/10 11:51 AM, Daniel Kahn Gillmor wrote:
> From a different perspective, i could run the agent itself in a
> constrained account, and replace the prompting tool with a tool that
> requires, say, an ACPI event, or a special keypress (not an X11 event)
> from a designated hardware button.  in that case, malicious code with
> access to the X11 session could detect that a prompt had been made, and
> possibly dismiss it or hide it from the user, but could not force
> acceptance of the keypress without superuser access (at which point,
> game over anyway).  To take a vulnerability from a malicious use of
> secret key material to a simpler denial of service attack strikes me as
> a move in the right direction.

But ultimately once you start trying to fix the problem by offloading
the checks to special hardware, you might as well just key a smart card
reader with an integrated keypad.  Then you can use a simple pin.  Not
quite as convenient as hitting Y/N, but way more convenient than a
really strong password.


"I am gravely disappointed. Again you have made me unleash my dogs of war."

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 559 bytes
Desc: OpenPGP digital signature
URL: </pipermail/attachments/20101014/640b7e8d/attachment-0001.pgp>

More information about the Gnupg-users mailing list