[Cryptography] read-once file, outside the filesystem ... or not

Ralf Senderek crypto at senderek.ie
Tue Nov 29 15:37:06 EST 2016

On Tue, 29 Nov 2016, John Denker wrote:

> On 11/29/2016 05:01 AM, Ralf Senderek wrote:
>> And I'd really like to replace this with a proper kernel enforced
>> use of a secure read-once file. That's why I'm interested to
>> know if such a thing could be implemented (with the prospect to
>> become a reality).
> This is never going to be implemented on any significant scale,
> for two reasons:
> 1) Read-once isn't the right semantics.  There are lots of cases
> where the seed would need to be read more than once.

It doesn't matter how many times the secret seed is read as long
as when the kernel sayes "boot finished" there's no more access
permitted by the kernel.

> 2) Putting it outside the normal filesystem is nothing more than
> «security by obscurity».  There have to be tools to install
> the thing.  The tools need to have permissions.  The existence
> of such tools is basically a big red arrow on the Death Star
> plans, saying "Attack Here".

Yeah, and the point of attack is the kernel, the accusation
of «security by obscurity» is nonsense.

> 3) To say the same thing in more constructive terms:  This is
> yet another of those cases where we really ought to rely on the
> standard mechanisms, e.g. file permissions ... and if that's
> not good enough, it's a serious bug, and needs to be reported
> upstream in the usual way.

File permissions alone don't reduce the attack surface.
Trying to limit access to early boot is a valid concept,
even if you don't like it.


> _______________________________________________
> The cryptography mailing list
> cryptography at metzdowd.com
> http://www.metzdowd.com/mailman/listinfo/cryptography

More information about the cryptography mailing list