duplicity-talk

Re: [Duplicity-talk] PASSPHRASE, the environment, memory, etc.


From: Neal Clark
Subject: Re: [Duplicity-talk] PASSPHRASE, the environment, memory, etc.
Date: Thu, 12 Apr 2007 16:52:54 -0700

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Apr 12, 2007, at 4:25 PM, Charles Duffy wrote:

> Fishing a passphrase out of an environment variable on Linux is dirt simple -- it exists in cleartext as /proc/<pid>/environ. You don't want to use /tmp either; /dev/shm would be slightly better, but not much at all.

Thanks, never knew that. Do you know how this works on FreeBSD (w/o procfs)?

> Frankly, protecting a system from an attacker with full hardware access is a losing game -- but I'd think you'd want to keep the password on the system being backed up, rather than anywhere else. After all, you keep the data itself there; if it's not secure enough to store your key, it's not secure enough to store the data either, and you should move.

Well, it's not that it's not secure enough. They can't log in to the machine, obviously, and all the sensitive data is on a geli encrypted partition, so if the machine were powered off or the hard drive were moved, the data isn't coming back without a geom metadata backup, kept nicely tucked away.

> By spreading sensitive knowledge across more systems (both the machine being backed up and the separate machine which stores the key used for encrypting the backups), you're increasing your overall exposure as well as adding more moving parts (and thus failure cases).

I guess I could just keep the passphrase on the encrypted disk to solve (or at least in some way address) the physical access vector, but I was curious more about how the password 'hangs around' in the environment and in duplicity itself. Like for example, could I automate a way to fudge the environment duplicity executes in, like perhaps in the python code, delete the environment variable after it's been read into the program? And also, is there anything I can do to 'secure' or what have you the fact that the passphrase is in memory?

Thanks for the reply :)

Neal

- --
public key: http://thrownproject.com/8C02CC33.asc

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.3 (Darwin)

iD8DBQFGHsZWOUuHw4wCzDMRAud6AJ9khkXiJA4EXJV2CEhUpyKRcm/dFwCeLo3O
cNQ1HLQpoUc1d0WkERE3ixw=
=aoaF
-----END PGP SIGNATURE-----
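
Added example (not part of the original message and not duplicity's own code): a Python check of what deleting PASSPHRASE from os.environ after reading it actually changes. The passphrase value is constructed and the function name check_env_scrub is hypothetical; on Linux the variable disappears from getenv and from later child processes, but the initial environment block shown as /proc/<pid>/environ still holds it.

```python
import os
import subprocess
import sys

SECRET = "constructed-example-passphrase"  # constructed sample value, not a real secret

# Runs inside a child process that was started with PASSPHRASE set.
CHILD = r"""
import os, subprocess, sys
secret = os.environ["PASSPHRASE"]      # the program reads the passphrase
del os.environ["PASSPHRASE"]           # then unsets it (this calls unsetenv)
getenv_gone = os.getenv("PASSPHRASE") is None
# A process started after the delete receives the current environment.
grandchild = subprocess.run(
    [sys.executable, "-c", "import os; print('PASSPHRASE' in os.environ)"],
    capture_output=True, text=True, check=True).stdout.strip()
# /proc/<pid>/environ exposes the environment block as it was at exec time.
try:
    with open("/proc/self/environ", "rb") as f:
        in_proc = secret.encode() in f.read()
except OSError:
    in_proc = None                     # no procfs mounted on this system
print(getenv_gone, grandchild, in_proc)
"""

def check_env_scrub():
    """Start a child with PASSPHRASE set and report what survives the delete."""
    env = dict(os.environ, PASSPHRASE=SECRET)
    out = subprocess.run([sys.executable, "-c", CHILD], env=env,
                         capture_output=True, text=True, check=True).stdout.split()
    return {
        "getenv_gone": out[0] == "True",
        "inherited_by_later_child": out[1] == "True",
        "in_proc_environ": {"True": True, "False": False, "None": None}[out[2]],
    }

if __name__ == "__main__":
    for key, value in check_env_scrub().items():
        print(f"{key}: {value}")
```

Handing the secret to the program over a pipe or file descriptor instead of the environment keeps it out of that exec-time block altogether.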



