GnuPG signed message spoofing vulnerability
Posted Mar 8, 2007 18:32 UTC (Thu) by kingdon
In reply to: GnuPG signed message spoofing vulnerability
Parent article: GnuPG signed message spoofing vulnerability
Well, the FAQ doesn't elaborate, but it is generally good security practice to try to isolate different components, so that bugs or compromises in one would not tend to affect the others. For example, the way postfix is broken into several executables, or the way it is widely considered to be bad to have a GUI application setuid.
Now, in the GPG context it isn't quite as clear-cut, since GPG isn't setuid, but still, the number of possible couplings (including undesired ones) between a library and its caller are greater than between an executable and its caller.
to post comments)