[58] in The Cryptographic File System users list
Re: Protection against superuser?
daemon@ATHENA.MIT.EDU (Matt Blaze)
Thu Apr 23 23:14:22 1998
From owner-cfs-users@research.att.com Fri Apr 24 03:14:22 1998
Return-Path: <owner-cfs-users@research.att.com>
Delivered-To: cfs-mtg@bloom-picayune.mit.edu
Received: (qmail 9330 invoked from network); 24 Apr 1998 03:14:21 -0000
Received: from unknown (HELO rumor.research.att.com) (192.20.225.9)
by bloom-picayune.mit.edu with SMTP; 24 Apr 1998 03:14:21 -0000
Received: from research.att.com ([135.207.30.100]) by rumor; Thu Apr 23 23:08:56 EDT 1998
Received: from amontillado.research.att.com ([135.207.24.32]) by research-clone; Thu Apr 23 23:09:14 EDT 1998
Received: from nsa.research.att.com (majordomo@nsa.research.att.com [135.207.24.155])
by amontillado.research.att.com (8.8.7/8.8.7) with ESMTP id XAA13767;
Thu, 23 Apr 1998 23:09:12 -0400 (EDT)
Received: (from majordomo@localhost) by nsa.research.att.com (8.7.3/8.7.3) id XAA12533 for cfs-users-list; Thu, 23 Apr 1998 23:06:53 -0400 (EDT)
Received: from research.att.com (research.research.att.com [135.205.32.20]) by nsa.research.att.com (8.7.3/8.7.3) with SMTP id XAA12529 for <cfs-users@nsa.research.att.com>; Thu, 23 Apr 1998 23:06:51 -0400 (EDT)
Received: from fbi.research.att.com ([135.205.51.3]) by research; Thu Apr 23 23:08:55 EDT 1998
Received: from fbi.research.att.com (mab@localhost)
by fbi.research.att.com (8.8.5/8.8.5) with ESMTP id XAA09751;
Thu, 23 Apr 1998 23:08:11 -0400 (EDT)
Message-Id: <199804240308.XAA09751@fbi.research.att.com>
X-Authentication-Warning: fbi.research.att.com: mab owned process doing -bs
X-Mailer: exmh version 1.6.9 8/22/96
To: "Alex Raftis" <alex@echidna.doverpacific.com>
cc: cfs-users@research.att.com
Subject: Re: Protection against superuser?
In-reply-to: Your message of "Thu, 23 Apr 1998 18:16:57 PDT."
<9804240116.AA06308@echidna.doverpacific.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Date: Thu, 23 Apr 1998 23:08:09 -0400
From: Matt Blaze <mab@research.att.com>
Sender: owner-cfs-users@research.att.com
Precedence: bulk
A few caviats:
> On Thursday, April 23, 1998 you said:
>
> > sometime ago I downloaded and installed cfs on my workstation. After
> > testing it, I still don't get the point of cfs:
> >
> > In a normal Unix environment, if I want to avoid that other users read my
> > files I just have to set the file-access permissions accordingly and
> > that's it. Only "root" can still read my files, so I can encrypt (e.g.
> > with the "crypt" command) any files I do not want "root" to read. cfs
> > makes it a little more comfortable because I do not have to type a
> > password for every file I want to encrypt or decrypt, but then the
> > protection against "root" is lost because "root" can anytime go to my
> > mounted cfs-filesystem and read everything anyway.
> >
> > So, am I missing something here? What's the point of cfs? How are you
> > people using it?
>
> CFS does a couple of very important things for you.
>
> 1. Root cannot even read your directories. All root has access to is the
> encrypted directories, which he can't read. The plain text files are not
> visible to root, at least on my OPENSTEP 4.2 installation. Thus, if you user
> level permissions are set such that others can't read directories, only you
> will have access.
>
Let me just point out that I don't regard CFS, or any security mechanism,
as provding proper protection on a multi-user host, especially against
root. I've not analyized CFS against the threat of spoofing cfsd
on the local host to take advantage of a currently -attached directory.
CFS is designed against the threats of:
- insecure file servers (e.g., NFS servers)
- insecure backups
- laptop theft
Other users on the same machine, well, no guarantees from me...
> 2. CFS is secure. As far as my knowledge goes, even the U.S. Government
> cannot yet break Triple DES. Even thousands of computers on the internet
> working in tandem could not break Triple DES. This is opposed to the unix
> "crypt" command which is as about as secure as Jenny McCarthy delivering a
> singing telegram in the nude. Sure, the transport might distract you a
> little, but it's not going to stop you from getting the message. Unix's
> "crypt" is based on the German WW II Enigma cipher, and takes a modern
> computer about a picosecond to break.
I think the biggest threat against CFS's crypto is probably weak
passphrases.
-matt
