[Cryptography] Use Linux for its security
Ray Dillinger
bear at sonic.net
Thu Sep 29 00:15:59 EDT 2016
On 09/28/2016 06:20 AM, Ralf Senderek wrote:
>
> Everyone who complains about this situation should have asked himself:
> "When did I last donate my time and effort to essential code review?"
> (including efforts to reduce complexity).
Um, yesterday.
I checked in a code patch in an opensource project shutting down a
possible buffer overrun attack where somebody was doing an unchecked
read-line from a config file into a fixed-size stack buffer.
It's not like the app is in any way significant yet; nobody's got it
installed except a few developers who are trying to get it up to
pre-alpha status.
But it's depressingly common even in "mature" code. Depressingly
simple. And not even remotely crypto-related, except in the sense that
the calls which result from running the app with an attacker's
stack-smashing config file is made with the target's privs, while the
target is logged in and therefore while the target's wallets, keyrings,
etc are open and encrypted volumes transparently mounted.
Oh, and if this mistake ever does get made in a crypto application the
attacker gets strpbrk, index, memchr, etc to poke around all the
application's allocated memory including its keys and so-called "secure"
buffers.
No point attacking the crypto if you can stroll around it....
Bear
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 819 bytes
Desc: OpenPGP digital signature
URL: <http://www.metzdowd.com/pipermail/cryptography/attachments/20160928/04d48c50/attachment.sig>
More information about the cryptography
mailing list