Bugs item #1771890, was opened at 2007-08-10 10:21
Message generated for change (Comment added) made by sbonev
You can respond by visiting: 
https://sourceforge.net/tracker/?func=detail&atid=642714&aid=1771890&group_id=105970

Please note that this message will contain a full copy of the comment thread,
including the initial issue submission, for this request,
not just the latest update.
Category: extensions
Group: None
>Status: Open
Resolution: Invalid
Priority: 5
Private: No
Submitted By: sbonev (sbonev)
Assigned to: Rob Mensching (robmen)
Summary: InstallCertificates CA writes to CertificateHash table

Initial Comment:
In scacert.cpp (ResolveCertificate()) there is code that writes to the 
CertificateHash table. This seems to be a security issue and can be exploited 
through a data tampering attack. Shouldn't the CA check the hash instead of 
writing it? 
It looks like the hash needs to be computed at build time, not at run time.



----------------------------------------------------------------------

>Comment By: sbonev (sbonev)
Date: 2007-08-10 12:55

Message:
Logged In: YES 
user_id=1855036
Originator: YES

I see. Still, wouldn't it be better to compute the hash at build time to
eliminate a potential point of failure at run time?

----------------------------------------------------------------------

Comment By: Rob Mensching (robmen)
Date: 2007-08-10 12:13

Message:
Logged In: YES 
user_id=991639
Originator: NO

The CertificateHash table is used to communicate the hash contained in the
certificate to the IIS CustomActions for SSL.  That hash is used to find
the certificate in the certificate store.  If the value was somehow
tampered with (not exactly sure how you would go about doing that) then IIS
would just not load the certificate and SSL would not work.

I don't see how this could be considered a security bug.  It isn't even
clear how you tamper with the data.

----------------------------------------------------------------------
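Added illustration (not WiX code, not from scacert.cpp): the mechanism Rob describes and the alternative sbonev proposes, side by side. The thumbprint is computed as a Windows-style certificate thumbprint (SHA-1 over the full DER encoding, upper-case hex); the column names, the store layout and the certificate bytes are all constructed stand-ins for the example, not the real CertificateHash schema or a real certificate.

```python
"""Added example: compute a certificate thumbprint at build time and resolve
it against a store at run time. Not WiX project code; column names, store
shape and certificate bytes are illustrative assumptions."""
import hashlib
import hmac
from typing import Dict, Optional

# Constructed stand-ins for DER-encoded certificates. Only the bytes matter
# here; a real .cer file would be the SEQUENCE the hash is taken over.
SAMPLE_CERT_DER = b"\x30\x82\x01\x0a" + b"constructed-certificate-one"
OTHER_CERT_DER = b"\x30\x82\x01\x0a" + b"constructed-certificate-two"


def thumbprint(cert_der: bytes) -> str:
    """Windows-style thumbprint: SHA-1 over the full DER encoding, upper-case hex."""
    return hashlib.sha1(cert_der).hexdigest().upper()


def build_time_row(cert_ref: str, cert_der: bytes) -> Dict[str, str]:
    """Build-time computation of the row the CA would otherwise write at run
    time. Column names are illustrative, not the WiX table schema."""
    return {"Certificate_": cert_ref, "Hash": thumbprint(cert_der)}


def resolve_in_store(row: Dict[str, str], store: Dict[str, bytes]) -> Optional[str]:
    """Run-time lookup: hash each certificate in the store and return the name
    of the one whose thumbprint matches the row. None means nothing matched,
    the fail-closed outcome described in the thread (SSL just does not come up)."""
    expected = row["Hash"]
    for name, cert_der in store.items():
        # Constant-time comparison so the check itself leaks nothing.
        if hmac.compare_digest(thumbprint(cert_der), expected):
            return name
    return None


def demo() -> Dict[str, Optional[str]]:
    """The three cases worth seeing: intact, hash column altered, cert altered."""
    store = {"MySslCert": SAMPLE_CERT_DER, "Unrelated": OTHER_CERT_DER}
    good_row = build_time_row("MySslCert", SAMPLE_CERT_DER)

    # 1. Hash computed at build time, certificate installed unchanged: found.
    found = resolve_in_store(good_row, store)

    # 2. Hash column altered: no certificate in the store hashes to it.
    bad_row = dict(good_row, Hash="00" * 20)
    tampered_table = resolve_in_store(bad_row, store)

    # 3. Certificate bytes altered after the hash was recorded: same result.
    altered = bytearray(SAMPLE_CERT_DER)
    altered[-1] ^= 0x01
    tampered_cert = resolve_in_store(good_row, {"MySslCert": bytes(altered)})

    return {"found": found,
            "tampered_table": tampered_table,
            "tampered_cert": tampered_cert}


if __name__ == "__main__":
    print(demo())
```

In either the altered-table or the altered-certificate case the lookup returns nothing and the caller has no certificate to bind, which is the behaviour Rob describes; precomputing the hash only moves the computation out of the installer's run-time path, it does not change what a mismatch does.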

_______________________________________________
WiX-devs mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/wix-devs
