[Cryptography] Cryptographic archive format

Bill Frantz frantz at pwpconsult.com
Mon Dec 21 20:08:56 EST 2020

On 12/21/20 at 1:29 PM, phill at hallambaker.com (Phillip 
Hallam-Baker) wrote:

>The risk here is that someone crafts a malicious file path and sticks it
>into an archive so that the files end up overwriting the system files.

The decoder should not have write access to any 
files/directories/etc. that the user doesn't also have write 
access to. It is nearly impossible to make software that does 
its own management of these kinds of things without introducing 
security holes. A worked example is Postfix.

If necessary, create a new user that has the right kind of 
limited privileges and do the decode in that user. This is 
basically what the Polaris system, built at HP labs did with Windows.

Cheers - Bill

Bill Frantz        |"Web security is like medicine - trying to 
do good for
408-348-7900       |an evolved body of kludges" - Mark Miller
www.pwpconsult.com |

More information about the cryptography mailing list