On Wednesday, April 24 at 03:37 AM, quoth Vincent Lefevre:
> On 2013-04-23 20:06:10 -0500, Derek Martin wrote:
> > Cute, but DoS is not the only vector as you well know. Using the message store or any part of the message store is not a workable solution. It's (in general) data from an untrusted source and must be treated as such. In particular, untrusted data must not be used as a source of input of any sort for functions used to secure the system. Doing so creates a potential attack vector.
>
> I disagree. The entropy is typically created from untrusted data.
>
> Note that message headers generally contain random data from different machines; you can also combine them with other data such as the time when the attachment is read, muttrc data (if the user has defined aliases, they are probably private), and so on.
So, what is the purpose of the entropy here? If the point is to find a likely-to-be-unique name for temporary files associated with the message, wouldn't something like an MD5 or SHA1 sum of the email in question be sufficient? An attacker might be able to predict the sum with a certain accuracy if he already has access to the message, but... what exactly are we protecting against here?
If the goal is to keep the attacker from DoS'ing the user... let's think about this a little. The simplest attack vector, if you have access to the user's temporary file directory, is to DoS the folder/filesystem itself, by simply creating bajillions of empty files (e.g. with sequentially numbered filenames), and thus make file creation either impossible or extremely slow. If the attacker has to resort to predicting gettimeofday-salted SHA1 sums just to prevent file-creation, you've already won; there's a lot of quicker routes to victory.
~Kyle
--
It was luxuries like air conditioning that brought down the Roman Empire. With air conditioning their windows were shut, they couldn’t hear the barbarians coming.
-- Garrison Keillor
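An added example, not part of the original message and not mutt's code: a temporary-file name taken from the SHA1 sum of the message, with a time-salted fallback, showing what someone who predicted the unsalted name actually achieves. The `mutt-` prefix, the function names, the retry count and the use of exclusive creation (`O_CREAT | O_EXCL`) are assumptions made for this sketch; the sample message is constructed.

```python
import hashlib
import os
import tempfile
import time

def candidate_name(message: bytes, salt: bytes = b"") -> str:
    """Temp-file name from the SHA-1 of (salt + message); prefix is hypothetical."""
    return "mutt-" + hashlib.sha1(salt + message).hexdigest()

def create_exclusive(directory: str, name: str) -> int:
    """Create the file atomically; raise FileExistsError if the path is taken."""
    flags = os.O_WRONLY | os.O_CREAT | os.O_EXCL | getattr(os, "O_NOFOLLOW", 0)
    return os.open(os.path.join(directory, name), flags, 0o600)

def open_temp(directory: str, message: bytes, max_tries: int = 5):
    """Try the unsalted name first, then time-salted names on collision.

    Returns (fd, name, attempts_that_collided)."""
    salt = b""
    for attempt in range(max_tries):
        name = candidate_name(message, salt)
        try:
            return create_exclusive(directory, name), name, attempt
        except FileExistsError:
            # Name already present (planted or stale): never reuse it,
            # pick a new one salted with the current time.
            salt = str(time.time_ns()).encode() + bytes([attempt])
    raise RuntimeError("could not create a temporary file")

def demo():
    """Pre-create the predictable name, then see where the real file lands."""
    message = b"From: alice@example.org\nSubject: test\n\nbody\n"  # constructed
    directory = tempfile.mkdtemp()
    predicted = candidate_name(message)  # computable by anyone holding the message
    with open(os.path.join(directory, predicted), "w") as planted:
        planted.write("planted")
    fd, name, collisions = open_temp(directory, message)
    os.write(fd, b"attachment data")
    os.close(fd)
    with open(os.path.join(directory, predicted)) as planted:
        untouched = planted.read() == "planted"
    return predicted, name, collisions, untouched

if __name__ == "__main__":
    print(demo())
```

With exclusive creation, a correctly predicted name costs one retry; the planted file is neither opened nor overwritten, and the fallback name depends on a clock value as well as the message.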