
uswsusp - security hole fixed?



Hello list,

As I am a little security-minded, my /usr, /var and /home (each on a separate 
partition) are encrypted with LUKS.

Some time ago I discovered that when I suspended my system (suspend-to-disk) 
and resumed it again, I did not need to enter the password for /usr. 

Well, my computer asked for it, but pressing Enter three times let the 
system boot up. The resume device was the swap device, which was not 
encrypted. 

This means that, at that time, the password to encrypt the partitions was stored 
on the swap device when suspended. Very bad idea!!!

So my solution was to encrypt the swap partition, too (with LUKS). (Yes, I 
know, this is not officially recommended.)

That worked well in the security sense. But from then on a new problem 
appeared: resume did not always work well (although the swap device was opened 
well at resume) and from time to time I had to add the parameter "noresume" at 
boot. Also not very satisfying. 

Now I have changed back to an unencrypted swap device, and resume works well again.

However, the behaviour changed: When entering the wrong password at resume for 
/usr three times, the system shuts off and reboots again. This new boot is a 
fresh boot, it is no resume. 

So much for the situation. 

Now my notes/questions:

1. What is the status of suspend to disk at the moment, when we use encrypted 
partitions with security as the priority? Known bugs? Not possible?

2. When entering the wrong password(s), the system should not do a fresh reboot, 
but start in resume mode again.

3. I believe the memory data and the swap data can be stored somewhere else, 
so IMO it should be /usr by default. Good idea?

4. Do I need UUID entries in some config files? Or rather, are UUID entries 
preferred over standard entries like /dev/sdaX?

My hardware is an EEEPC 1005HGO, Debian/testing 32-bit, current package versions 
(from today).

I would be happy if someone could make some things a little bit clearer for 
me, as uswsusp also involves cryptsetup and update-initramfs-tools, which 
are also configured when I run "dpkg-reconfigure uswsusp".

Maybe other people might also be interested in security and want to know.

Thanks for any help.

Best regards

Hans
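
An added example, not part of the original message: a shell check that classifies the uswsusp resume device against crypttab, so a suspend image going to an unencrypted device (the situation described above) is flagged. It assumes the `resume device = <path>` line of uswsusp.conf and the `<name> <source> <keyfile> <options>` layout of crypttab; the device and mapping names are constructed, and `UUID=` sources are not resolved.

```shell
#!/bin/sh
# Added example (not from the original post). Assumed formats:
#   uswsusp.conf:  resume device = <path>
#   crypttab:      <name> <source> <keyfile> <options>

# Print the resume device configured in a uswsusp.conf-style file ($1).
resume_device() {
    sed -n 's/^[[:space:]]*resume device[[:space:]]*=[[:space:]]*//p' "$1" |
        sed 's/[[:space:]]*$//' | tail -n 1
}

# Classify the resume device in $1 against the crypttab-style file $2.
# Prints one of: unset, plaintext, encrypted, ephemeral-key, raw-backing-device
classify_resume() {
    dev=$(resume_device "$1")
    if [ -z "$dev" ]; then echo unset; return 0; fi
    awk -v dev="$dev" '
        NF == 0 || $1 ~ /^#/ { next }      # skip blank lines and comments
        ("/dev/mapper/" $1) == dev {
            # A key read from a random source is new on every boot, so an
            # image written before power-off cannot be decrypted at resume.
            r = ($3 ~ /^\/dev\/u?random$/) ? "ephemeral-key" : "encrypted"
        }
        # Resume points at the device underneath a mapping, not the mapping.
        $2 == dev && r == "" { r = "raw-backing-device" }
        END { print (r == "" ? "plaintext" : r) }
    ' "$2"
}

# Constructed sample input: encrypted /usr, swap left out of crypttab.
demo() {
    d=$(mktemp -d)
    printf 'resume device = /dev/sda5\n' > "$d/uswsusp.conf"
    printf '# name source keyfile options\nusr_crypt /dev/sda6 none luks\n' > "$d/crypttab"
    printf 'resume device is: %s\n' "$(classify_resume "$d/uswsusp.conf" "$d/crypttab")"
    rm -rf "$d"
}
demo
```

On a real system the two arguments would be /etc/uswsusp.conf and /etc/crypttab; anything other than `encrypted` means the suspend image is either readable offline or cannot be resumed from.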


