[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: gpg: "Warning: using shared memory" - SUID?

On Thu, Nov 30, 2000 at 09:03:57PM -0800, kmself@ix.netcom.com wrote:
> on Thu, Nov 30, 2000 at 10:57:53PM -0500, Harry Henry Gebel (hgebel@magpage.com) wrote:
> > On Thu, Nov 30, 2000 at 10:09:26PM -0500, Chris Gray wrote:
> > > >>>>> "kmself" == kmself  <kmself@ix.netcom.com> writes:
> > >     >>  You're probably right about this (IANA security expert), but
> > >     >> these should only be readable by root.  Also, if you have a
> > >     >> malicious root, your private key isn't going to be all that
> > >     >> safe anyway.
> > >     kmself> Well, on disk, your private key is secured by your
> > >     kmself> passphrase (right?).  
> > > I just did a 'less' on my secring.gpg, so...  (remember the thread on
> > > the difficulty of password protecting a directory recently) 
> > > I don't think that the private key is encrypted in any way.  The fact
> > > that it has mode 0600 is seen as security enough.
> > 
> > The mode is NOT seen as security enough. The private key is encrypted using
> > a symmetrical cipher whose key is derived from a hash of the
> > passphrase. (the exact cipher and hash can be specified in an S2K block in
> > the secret keyring) In other words, if you selected a very good passphrase
> > (this is a BIG if for most people) if is just as well encrypted as any gpg
> > encrypted message message. The reason people must not be allowed to read it
> > is that it gives attackers a single key to discover that can then be used
> > to recover ALL of the (symmetrical) keys used to encrypt messages with that
> > key, (and because most people choose poor passwords discovering that one
> > key would not be hard for most people's keyrings. I am not sure what doing
> > 'less' on the keyring is supposed to indicate?
> 
> Thanks, Harry.
> 
> Ok, understanding that, why was I able to export my secret key without
> being prompted for a passphrase, or are the passphrase and key managed
> independently -- I can export the key but it's still no good without the
> passphrase?

You would still need to supply the passphrase to decode it, create a new
account and import the key into it and it will ask you for the passphrase
whenever you try to use it. If you have installed the doc-rfc package you
can find the details of GnuPG file formats, etc in
/usr/doc/doc-rfc/Proposed_Standard_Protocols/rfc2440.txt.gz (the OpenPGP
standard, which what GnuPG is based on.) There is also a lightly annotated
version of the RFC on the GnuGP website.

-- 
Harry Henry Gebel, ICQ# 76308382
West Dover Hundred, Delaware
Reply to: