<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 4.0 Transitional//EN" "http://www.w3.org/TR/REC-html40/loose.dtd">

<html lang="en">

<head>

<meta content="text/html; charset=US-ASCII" http-equiv="Content-Type">

<title>

GitLab

</title>

<style>img {

max-width: 100%; height: auto;

}

</style>

</head>

<body>

<div class="content">

<p class="details" style="font-style: italic; color: #666;">

<a href="https://gitlab.com/guenther_brunthaler">Günther Brunthaler</a> created an issue: <a href="https://gitlab.com/gnutls/gnutls/-/issues/1333">#1333</a>

</p>

<div></div>

<p dir="auto">Under POSIX-like operating systems, the command line arguments of all

executed commands are visible to all users on the system.</p>

<p dir="auto">If malicious user Eve watches the certtool invocation of a different

user Alice who is using the --seed option, Eve will know what seed

Alice's private key has been generated from.</p>

<p dir="auto">If Alice also used the --provable option, Eve will even be able to

reconstruct Alice's private key, which is a very bad thing.</p>

<p dir="auto">Recommendation: The --seed option should either be removed or be

explicitly documented to be suitable for debugging and testing only. A

new option should be added which allows to read the seed from a file.

In this case, Eve will only see the filename on the command line, but

not the contents of the file.</p>

<p dir="auto">BTW: The --password option has quite a similar problem. But there is

the possibility to read it from standard input or from the

configuration file. Can the seed maybe read from the configuration file

also? But if so, neither the documentation nor the example

configuration file does mention it.</p>

<p dir="auto">Additional references:</p>

<p dir="auto">Other Downstream bug reports related to this issue:</p>

<p dir="auto"><a href="https://github.com/ShiftMediaProject/gnutls/issues/22" rel="nofollow noreferrer noopener" target="_blank">https://github.com/ShiftMediaProject/gnutls/issues/22</a></p>

<p dir="auto">Known external projects blocked by this issue:</p>

<p dir="auto"><a href="https://github.com/guenther-brunthaler/tilde_anyone-someplace-ssl__pki-dajhgna82z9cx6kwy6yalncmt/commit/6fd5cc20bd3a70d8bc447c8f3532e2810218edf5" rel="nofollow noreferrer noopener" target="_blank">https://github.com/guenther-brunthaler/tilde_anyone-someplace-ssl__pki-dajhgna82z9cx6kwy6yalncmt/commit/6fd5cc20bd3a70d8bc447c8f3532e2810218edf5</a></p>

</div>

<div class="footer" style="margin-top: 10px;">

<p style="font-size: small; color: #666;">

—

<br>

Reply to this email directly or <a href="https://gitlab.com/gnutls/gnutls/-/issues/1333">view it on GitLab</a>.

<br>

You're receiving this email because of your account on gitlab.com.

If you'd like to receive fewer emails, you can

<a href="https://gitlab.com/-/sent_notifications/45835bd83cc23882a91bba58c298154a/unsubscribe">unsubscribe</a>

from this thread or

adjust your notification settings.

<script type="application/ld+json">{"@context":"http://schema.org","@type":"EmailMessage","action":{"@type":"ViewAction","name":"View Issue","url":"https://gitlab.com/gnutls/gnutls/-/issues/1333"}}</script>

</p>

</div>

</body>

</html>