Nicolas Williams wrote:

>On Mon, Feb 26, 2007 at 03:38:16PM -0800, Darren.Reed at Sun.COM wrote:
>
>>Recently I was quite shocked when I looked in my .gaimrc
>>file and found that it stored passwords in clear text.
>>
>
>Yes, I know.  I have to type a password very often for one particular IM
>service too -- I have to because I refuse to let Gaim remember it.
>
>>Then whilst reading the NWAM spec it mentioned that wifi
>>passwords are also stored in clear text.
>>
>
>Yes, but these are stored in local files not readable to joe random
>user.
>
Let's see... if we assume a system prior to SBD and NFS mounted home:

# su - nicow
$ cd /home/nicow
$ vi .rhosts
$ rsh laptop

or I could be even less elaborate (;-) if it's unpatched:

$ telnet -l -froot laptop

...now where were those wifi keys?

>...
>Applications like Gaim could also do what ssh(1) does: encrypt secrets
>in some passphrase and prompt the user for the passphrase instead of the
>actual secret.  Firefox supports this, for example.
>

Right.  The idea is that rather than have n applications doing it
"their own way", provide a common API or place for them to put said
data.

>>So what I'd like to suggest is that Solaris provides access
>>to an encrypted storage "device" that applications can use
>>to put "sensitive" material in.
>>
>
>Unless that is a tamper-resistant/evident hardware token and protocols
>are used such that the secret need never leave the token in cleartext
>then you can't achieve this.
>

It depends on what level of completeness is being attempted.

>...
>System applications ultimately have to store secrets in hardware tokens
>or in cleartext locally.  Scrambling such secrets doesn't help.
>

I disagree.  Between those black and white options, there are quite a few
"grey" ones in between.

Darren
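The ssh(1)-style arrangement Nico describes above (keep the stored secret encrypted under a key derived from a passphrase, and prompt for the passphrase instead of the secret) is what one of the "grey" options Darren mentions looks like in code. The following is an added example written for this page; it is not code from either poster, nor from Gaim, NWAM or any Solaris facility. The record layout (salt || nonce || AES-GCM ciphertext), the Seal/Open names, the label strings and the iteration count are all assumptions made for the example; PBKDF2 is written out by hand only to keep the example to the Go standard library (use crypto/pbkdf2, golang.org/x/crypto/pbkdf2 or a memory-hard KDF in real code). Note what it does and does not buy: the on-disk file that the .rhosts / telnet -froot sequence above would read now holds ciphertext that is only as strong as the passphrase, but once the user has unlocked it the secret is in the process's memory, which is the point at which Nico's hardware-token argument applies.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/hmac"
	"crypto/rand"
	"crypto/sha256"
	"encoding/hex"
	"errors"
	"fmt"
)

// Record layout (assumption for this example):
//   salt (16 bytes) || nonce (12 bytes) || AES-256-GCM ciphertext+tag
const (
	saltLen  = 16
	nonceLen = 12
	keyLen   = 32
	kdfIters = 100000 // assumption: choose for the target hardware
)

// pbkdf2SHA256 implements PBKDF2 (RFC 8018) with HMAC-SHA256. Written out
// here so the example needs nothing outside the standard library.
func pbkdf2SHA256(password, salt []byte, iters, dkLen int) []byte {
	prf := hmac.New(sha256.New, password)
	hLen := prf.Size()
	var out []byte
	for block := 1; len(out) < dkLen; block++ {
		// U1 = PRF(P, S || INT(block)), big-endian 4-byte block index
		prf.Reset()
		prf.Write(salt)
		prf.Write([]byte{byte(block >> 24), byte(block >> 16), byte(block >> 8), byte(block)})
		u := prf.Sum(nil)
		t := append([]byte(nil), u...)
		for i := 1; i < iters; i++ {
			// U_i = PRF(P, U_{i-1}); T = U1 xor U2 xor ... xor Uc
			prf.Reset()
			prf.Write(u)
			u = prf.Sum(nil)
			for j := 0; j < hLen; j++ {
				t[j] ^= u[j]
			}
		}
		out = append(out, t...)
	}
	return out[:dkLen]
}

func aeadFor(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key)
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// Seal encrypts secret under a key derived from passphrase. The label is
// bound as associated data so a record stored for one service cannot be
// swapped in as the record for another.
func Seal(passphrase, label string, secret []byte) ([]byte, error) {
	salt := make([]byte, saltLen)
	nonce := make([]byte, nonceLen)
	if _, err := rand.Read(salt); err != nil {
		return nil, err
	}
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	key := pbkdf2SHA256([]byte(passphrase), salt, kdfIters, keyLen)
	g, err := aeadFor(key)
	if err != nil {
		return nil, err
	}
	rec := append(append([]byte{}, salt...), nonce...)
	return g.Seal(rec, nonce, secret, []byte(label)), nil
}

// Open reverses Seal. A wrong passphrase, a different label, or any change
// to the record fails GCM authentication and yields an error, never garbage.
func Open(passphrase, label string, rec []byte) ([]byte, error) {
	if len(rec) < saltLen+nonceLen {
		return nil, errors.New("record too short")
	}
	salt, nonce, ct := rec[:saltLen], rec[saltLen:saltLen+nonceLen], rec[saltLen+nonceLen:]
	key := pbkdf2SHA256([]byte(passphrase), salt, kdfIters, keyLen)
	g, err := aeadFor(key)
	if err != nil {
		return nil, err
	}
	pt, err := g.Open(nil, nonce, ct, []byte(label))
	if err != nil {
		return nil, errors.New("wrong passphrase or record tampered with")
	}
	return pt, nil
}

func main() {
	// Constructed sample secret; "wifi:home" is an assumed label.
	rec, _ := Seal("correct horse", "wifi:home", []byte("constructed-wpa-psk"))
	fmt.Println("on disk:", hex.EncodeToString(rec)) // what a file-reading attacker sees
	if _, err := Open("wrong", "wifi:home", rec); err != nil {
		fmt.Println("wrong passphrase:", err)
	}
	pt, _ := Open("correct horse", "wifi:home", rec)
	fmt.Println("recovered:", string(pt))
}
```

The salt is fresh per record, so two users storing the same password get different ciphertext and a precomputed table does not transfer between files; the nonce is fresh per Seal, so re-saving a record never reuses a (key, nonce) pair. Anything that unlocks the store for the user (an agent process, a session cache) is exactly the component that a root-level attacker on the live machine would target, which is why this helps against the stolen-or-mounted-file case and not against a compromised host.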