On Tuesday 28 March 2006 14:32, Martin Paljak wrote: > On OS X, the CDSA subsystem and Tokend plugin run as tokend user. If > a user wants to use the pkcs#11 interface as well (to use opensc from > firefox too, for example) this would not be possible (assuming that > apple shall update the pcsc-lite in near future)
Right. So I can see three possibilities here: 1. Both tokend and libmusclepkcs11 (or more precisely, the service plugin) re-present the PIN for each usage of the private key(s), do everything within a PC/SC transaction and reset the card when they terminate the transaction. In this case, if tokend and libpkcs11 alternate usages of the card, the only effect is that the card will get reset at the beginning and the end of each transaction, rather than just the end. 2. One or the other component, or both, re-present the PIN for each usage of the private key(s) and don't reset the card when they terminate the transaction. In this case, if they alternate usage of the card, the card will get reset at the beginning of each transaction. This is not a problem unless there is some transient state other than the authentication status. 3. One or the other component, or both, don't re-present the PIN for each usage, and instead allow the authentication state to persist, re-authenticating only when the card requires it. In this case, if they alternate usge, the card will get reset at the beginning of each transaction, so each transaction will require re-authentication (and probably re-prompting). I just confirmed that tokend doesn't reset the card after each usage, BTW. Not with default settings anyway. It seems to me that the extra reset in case 1 doesn't hurt anything, and in cases 2 and 3 the present situation allows another use to hijack your credentials, so the change is for the better. Perhaps Apple has modified pcscd to prevent that? I just checked and I see on my Powerbook that the pcscd.comm socket file is world read-write, so they didn't limit it that way. Even with the user limiting being proposed here, I think there's still a problem with the OS X solution: it appears that any application can connect to tokend, regardless of what user it's running as. So even with pcscd-level user limiting, an attacker with an account on the machine can probably SSH in and use the tokend interface to make use of the card credentials. Unless maybe tokend (actually securityd) does its own user limiting -- I glanced at the code but it didn't jump out at me either way. > I could foresee some other similar crypto subsystems running as > different user as the user currently connected to the > 'console' (maybe http://delta.affinix.com/qca/ for example) And in those cases, I think the same reasoning applies. Resetting the card on each "user switch" is inconvenient, but not doing it is a gaping security hole. Shawn. _______________________________________________ Muscle mailing list [email protected] http://lists.drizzle.com/mailman/listinfo/muscle
