Re: pasting of passphrases please?



On Fri, Aug 7, 2009 at 10:33 AM, Jens Prüfer<jens pruefer gmx de> wrote:
> Hi,
>
> thanks for the quick response.
>
> On Fri, 2009-08-07 at 09:59 -0400, Adam Schreiber wrote:
>
>> My actual response is:
>>
>> Comment #1 from Adam Schreiber (seahorse developer, points: 19)
>> 2008-08-28 16:47 UTC [reply]
>>
>> You could store the passphrase securely in gnome-keyring. You would have to
>> enter it manually once and then it would be provided automatically in the
>> future.
>>
>> Go to System -> Preferences -> Encryption and Keyrings
>>
>> On the PGP Passphrases tab, select Always remember passphrases whenever logged
>> in and additionally if you want to be asked before it's provided check the box
>> next to Ask me before using a cached passphrase.
>>
>> which says nothing about the relative security of the requested
>> feature or the provided solution.
>
> True. I thought you implied that this was the more secure solution
> compared to allowing pasting of passwords. Sorry, if I misinterpreted.
> So there is no security reason to restrict cut&paste?

Other than the non-pagable memory issue, any application can be
registered to listen to clipboard changes, but that's not really in
our security domain because then the user's session has already been
compromised.

>> > Moreover, it was suggested to use the "always remember passphrase"
>> > function of the gnome keyring to only have to do this once per session.
>> > Why is storing a key permanently in memory considered more secure than a
>> > 20 second storage of a passphrase in case of "cut&paste" using keepassX?
>>
>> I'm not familiar with keepassX, but gnome-keyring stores your secrets,
>> passphrases included, in non-pagable memory when your keyring is
>> unlocked and in an encrypted file in your home directory with
>> appropriate permissions otherwise.  I'm guessing that's similar to
>> what keepassX provides.
>
> Yes, but keepassX provides me with a cross platform solution, so I can
> use the kdb file on my USB stick under Windows, Linux and Mac (OS X).
>
>> > Just because clipboard memory can be paged out to disk?
>>
>> You might want to read a recent list post from Stef discussing
>> changing the secure-entry widget currently used to a secured version
>> of GtkEntry shipped in GTK+.
>
> You mean this?
>
> http://mail.gnome.org/archives/seahorse-list/2009-July/msg00006.html
>
> I thought that "there is no new entry" means I still could not paste
> passphrases?

GtkEntry allows you to set the buffer object at instantiation in 2.17
or after.  The buffer can be such that it uses non-pagable memory.  If
you can C&P with GtkEntry in password mode, gtk_entry_set_visibility(FALSE),
you will be able to with the entry using a secure buffer object moving
forward.

>> If you use a laptop and suspend or hibernate it, your memory is paged
>> to the disk.
>
> Indeed. This would also include any passphrases stored in "non pageable"
> RAM, right? That is why I use dm-crypt also for my swap partition.

No, any contents of non-pagable memory would be lost when your system
suspends or hibernates.  In the case of gnome-keyring, if your
screensaver is set to lock, the contents are removed from memory
completely when it locks, including suspend or hibernation.

Adam

> However, I'd have to hibernate my system within 20 seconds after
> cut&pasting my passphrase to seahorse. After that, memory is scrubbed by
> keepass. I could live with that restriction.
>
> Cheers
>
> Jens
>
>
>

