Re: kernel tty buffers and "cold-boot attacks"

To: M.Drochner%fz-juelich.de@localhost
Subject: Re: kernel tty buffers and "cold-boot attacks"
From: "Perry E. Metzger" <perry%piermont.com@localhost>
Date: Mon, 14 Jul 2008 15:41:55 -0400

Matthias Drochner <M.Drochner%fz-juelich.de@localhost> writes:
> When I checked the pam-pwauth_suid module for information
> leaks I found that kernel buffers used for IPC keep
> sensitive information for longer time too.
> Most notably tty buffers, because raw tty devices
> are used normally to enter passwords.
> In this case, since tty input is processed character by
> character anyway, it would not cost much to clear the
> buffer out after the reader got the data.
> Do you think this is OK?
>
> This could be taken much further, but for sockets we have
> encrypted protocols. Remain pipes... don't know whether
> something should be done here. Would be easy in
> the !PIPE_SOCKETPAIR case.

I think it is a good idea. In addition...

There was a good paper at Usenix Security a few years ago about a tool
called "taint bochs":

http://www.stanford.edu/~blp/papers/taint.pdf

It might be worth running it over NetBSD to find other places such
data hides.

Perry

Follow-Ups:
- Re: kernel tty buffers and "cold-boot attacks"
  - From: Matthias Drochner

References:
- kernel tty buffers and "cold-boot attacks"
  - From: Matthias Drochner

Prev by Date: kernel tty buffers and "cold-boot attacks"
Next by Date: Re: rfc: high-resolution timer framework
Previous by Thread: kernel tty buffers and "cold-boot attacks"
Next by Thread: Re: kernel tty buffers and "cold-boot attacks"
Indexes:

Home | Main Index | Thread Index | Old Index