Bug#152444: mutt/1269: send_charset doesn't support charset-hook'd charsets
Synopsis: send_charset doesn't support charset-hook'd charsets Comment added by tamo on Sun, 30 Apr 2006 10:45:31 +0200 - Uploading MORIYAMA-san's patch. - Adding keyword: patch. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#96144: mutt/580: mutt stores PGP passphrase insecurely
* Sun Oct 9 2005 Derek Martin [EMAIL PROTECTED] On Fri, Oct 07, 2005 at 02:42:51PM +0200, Thomas Roessler wrote: On 2005-10-07 04:35:02 +0200, Derek Martin wrote: Admittedly this is not a severe issue, but it is a legitimate security concern. I think this really ought to be re-opened. I disagree, unless someone can actually demonstrate (a) a realistic attack model against which mutt is vulnerable, and (b) a defense against this attack model that could be implemented. Still, I'd like to hear what others with more experience than I have to say about this issue. I don't think both (a) and (b) are satisfied. But I want to share the result of my experiment. I did: 0: run mutt and decrypt a PGP message. 1: run another mutt and decrypt the same PGP message. 2: run a script which uses a lot of memory. 3: (as root) cat /dev/hda3 (my swap) | strings | grep -5 some-of-my-passwd | tee /tmp/pgppasswd.txt 4: reboot without swap 5: (as root) cat /dev/hda3 | strings | grep -5 some-of-my-passwd | tee /tmp/pgppasswd.2.txt pgppasswd.txt: = PGP message successfully decrypted. ]9;1130148457 mutt mutt /home/tamo/.mutt/pgp password /home/tamo/.terminfo [%i%p1%d;%p2%dr [%i%p1%dG [%i%p1%d;%p2%dH [?25l -- ja_JP.EUC-JP ja_JP.EUC-JP mutt ja_JP.EUC-JP /home/tamo/.mutt/pgp password /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv EUC-JP.so = pgppasswd.2.txt: = 1234567890 1234567890 1234567890 1234567890 1234567890 password /home/tamo/.terminfo [%i%p1%d;%p2%dr [%i%p1%dG [%i%p1%d;%p2%dH [?25l -- charset iso-2022-jp x-action pgp-encrypted plain password /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv EUC-JP.so = So, if the machine you are running mutt is stolen, the disc may contain your plain passphrase. Is this realistic? I don't know. But it was so easy that I could demonstrate. If the thief knows a part of your passphrase, he can grep it like I did. -- tamo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#96144: mutt/580: mutt stores PGP passphrase insecurely
The following reply was made to PR mutt/580; it has been noted by GNATS. From: TAKAHASHI Tamotsu [EMAIL PROTECTED] To: [EMAIL PROTECTED], [EMAIL PROTECTED] Cc: Subject: Re: mutt/580: mutt stores PGP passphrase insecurely Date: Mon, 24 Oct 2005 23:13:49 +0900 * Sun Oct 9 2005 Derek Martin [EMAIL PROTECTED] On Fri, Oct 07, 2005 at 02:42:51PM +0200, Thomas Roessler wrote: On 2005-10-07 04:35:02 +0200, Derek Martin wrote: Admittedly this is not a severe issue, but it is a legitimate security concern. I think this really ought to be re-opened. I disagree, unless someone can actually demonstrate (a) a realistic attack model against which mutt is vulnerable, and (b) a defense against this attack model that could be implemented. Still, I'd like to hear what others with more experience than I have to say about this issue. I don't think both (a) and (b) are satisfied. But I want to share the result of my experiment. I did: 0: run mutt and decrypt a PGP message. 1: run another mutt and decrypt the same PGP message. 2: run a script which uses a lot of memory. 3: (as root) cat /dev/hda3 (my swap) | strings | grep -5 some-of-my-passwd | tee /tmp/pgppasswd.txt 4: reboot without swap 5: (as root) cat /dev/hda3 | strings | grep -5 some-of-my-passwd | tee /tmp/pgppasswd.2.txt pgppasswd.txt: = PGP message successfully decrypted. ]9;1130148457 mutt mutt /home/tamo/.mutt/pgp password /home/tamo/.terminfo [%i%p1%d;%p2%dr [%i%p1%dG [%i%p1%d;%p2%dH [?25l -- ja_JP.EUC-JP ja_JP.EUC-JP mutt ja_JP.EUC-JP /home/tamo/.mutt/pgp password /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv EUC-JP.so = pgppasswd.2.txt: = 1234567890 1234567890 1234567890 1234567890 1234567890 password /home/tamo/.terminfo [%i%p1%d;%p2%dr [%i%p1%dG [%i%p1%d;%p2%dH [?25l -- charset iso-2022-jp x-action pgp-encrypted plain password /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv/EUC-JP.so /usr/lib/gconv EUC-JP.so = So, if the machine you are running mutt is stolen, the disc may contain your plain passphrase. Is this realistic? I don't know. But it was so easy that I could demonstrate. If the thief knows a part of your passphrase, he can grep it like I did. -- tamo -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#96144: mutt/580: mutt stores PGP passphrase insecurely
Synopsis: mutt stores PGP passphrase insecurely State-Changed-From-To: closed-chatting State-Changed-By: tamo State-Changed-When: Fri, 07 Oct 2005 10:54:07 +0200 State-Changed-Why: Derek complains. Comment added by tamo on Fri, 07 Oct 2005 10:54:07 +0200 reopen as a doc-bug (chatting) despam Mutt can use gpg-agent, OpenBSD has swap-encryption, mutt himself can't do anything without zero-uid. But we can document some warnings anyway. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#259145: mutt/2087: % in pager_format overshoots by 10 repetitions
Synopsis: % in pager_format overshoots by 10 repetitions Comment added by tamo on Mon, 26 Sep 2005 13:12:22 +0200 Uploading a patch to add M_FORMAT_PAGER. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
Bug#152444: mutt/1269: send_charset doesn't support charset-hook'd charsets
Synopsis: send_charset doesn't support charset-hook'd charsets Comment added by tamo on Mon, 15 Aug 2005 14:50:47 +0200 FYI: Some discussion here: For 1.5.9: iconv-hook patch by Moriyama-san http://marc.theaimsgroup.com/?l=mutt-devm=110873560103951w=2 And the conclusion: http://marc.theaimsgroup.com/?l=mutt-devm=110934238023932w=2 No side effect so far. The iconv-hook patch is well-tested. Should this be marked as need-eg? I don't think so, but I think we can apply this patch very safely. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of unsubscribe. Trouble? Contact [EMAIL PROTECTED]
