[37973] in bugtraq

home help back first fref pref prev next nref lref last post

Re: Inexcusable weakness in Kmail / GnuPG

daemon@ATHENA.MIT.EDU (Simple Nomad)
Fri Dec 24 12:58:55 2004

From: Simple Nomad <thegnome@nmrc.org>
Reply-To: thegnome@nmrc.org
To: "Thomas C. Greene" <thomas.greene@theregister.co.uk>
Cc: bugtraq@securityfocus.com
In-Reply-To: <200412230258.30181.thomas.greene@theregister.co.uk>
Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="=-xoYiErOKtgTRa7Rlksy0"
Message-Id: <1103869824.29362.370.camel@daemon.nmrc.org>
Mime-Version: 1.0
Date: Fri, 24 Dec 2004 00:30:24 -0600


--=-xoYiErOKtgTRa7Rlksy0
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

<snip>

> So i compose my reply, and i'm just about to click the Send button, when =
i=20
> notice, quite by chance, that the reply is *not* encrypted by default, an=
d i=20
> am not warned about this fact.  My reply, and my entire past exchange wit=
h=20
> the source, is about to go out in fscking clear text! =20

Most if not all mailers are affected by certain bugs related to this. It
"forgets" the passphrase, but does it free the variable? Does it wipe
the variable with 0's or random data as soon as it is done with the
passphrase, assuming it is supposed to forget it? Does it page to swap?
Can this be prevented by running as root, which can do an mlockall()? Is
the binary suid root to allow non-root users to mlockall()? Are
privileges dropped? Is running suid root the best way to solve this
problem? Is a temp file used to create the encrypted message? Is the
temp file securely wiped? Where is the temp file written? Can simply
encrypting/decrypting by hand and importing/exporting/cutting/pasting
into the mail program an easier way to solve this for paranoid users?

Most mailers fail one or more of these tests. If this hasn't been
discussed, it should be, but it should also be discussed in the context
of whether the system running GPG is secure or not, and how hard would
it be to exploit the bugs. If someone can access your swap, you have all
kinds of problems, not just the possible passphrase recovery from the
swap itself.

As far as the functional bugs as stated below in mailers, I'm sure there
are others as I have seen this type of bug before -- where you are
allowed to sent email unencrypted when you think it is encrypted --
although for the life of me I cannot remember the mail program. IIRC I
did report the error to the mailer's authors, but switched mailers. I
recommend either contacting the authors, writing a patch, or switching
mail programs.

--=20
- Simple Nomad ---- thegnome@nmrc.org ---- thegnome@razor.bindview.com -
- "Patriotism means to stand by the country. It does not mean to stand -
- by the President or any other public official." - Theodore Roosevelt -

--=-xoYiErOKtgTRa7Rlksy0
Content-Type: application/pgp-signature; name=signature.asc
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)

iD8DBQBBy7eAJHqkvWg48R0RAiBbAJ0XqFXSZOe6EcQ/93ZtK5FJQXdmoQCfSknh
YQeBe6ghktU2xaMm6RoFCls=
=iTM9
-----END PGP SIGNATURE-----

--=-xoYiErOKtgTRa7Rlksy0--


home help back first fref pref prev next nref lref last post