[144550] in cryptography@c2.net mail archive


Re: password safes for mac

daemon@ATHENA.MIT.EDU (Adam Shostack)
Wed Jul 1 17:30:02 2009

Date: Wed, 1 Jul 2009 14:54:25 -0400
From: Adam Shostack <adam@homeport.org>
To: Nicolas Williams <Nicolas.Williams@sun.com>
Cc: "Perry E. Metzger" <perry@piermont.com>,
	Jacob Appelbaum <jacob@appelbaum.net>,
	Ivan Krstić <krstic@solarsail.hcs.harvard.edu>,
	cryptography@metzdowd.com
In-Reply-To: <20090701180605.GK15302@Sun.COM>

On Wed, Jul 01, 2009 at 01:06:05PM -0500, Nicolas Williams wrote:
| On Wed, Jul 01, 2009 at 12:32:40PM -0400, Perry E. Metzger wrote:
| > I think he's pointing out a more general problem.
| 
| Indeed.  IIRC, the Mac keychain uses your login password as its passphrase
| by default, which means that to keep your keychain unlocked requires
| either keeping the password around (bad), keeping the keys in cleartext
| around (worse?), or prompting for the password/passphrase every time
| they are needed (unusable).
| 
| This applies to ssh-agent, the GNOME keychain, etcetera.  It also
| applies to distributed authentication systems with password-based
| options, like Kerberos.

As I understand things (and I'm no expert in MacOS internals)
LoginWindow is a mandatory process, those others are optional and
configurable.  I keep keychain and 1password on short leashes, which
may not matter at all from the perspective of a sneaky trojan which
waits around and then grabs the data, but makes me feel better.

Adam
#include <stddisclaimer.h>

---------------------------------------------------------------------
The Cryptography Mailing List
Unsubscribe by sending "unsubscribe cryptography" to majordomo@metzdowd.com
