By Jake Edge
August 10, 2011
While it is "boring stuff" at some level, consolidating the
various desktop cryptography solutions has the potential to
"pleasantly surprise our users and impress them", according to
Stef Walter in his presentation at this year's Desktop Summit in Berlin. His
talk, "Gluing Together Desktop Crypto" outlined his plan to use PKCS#11
as the "plumbing" that will serve as the foundation for
desktop-wide and cross-desktop sharing of keys and certificates. Once the
boring parts are taken care of, "we can do more interesting
things", he said.
![[Stef Walter]](/images/2011/ds-walter-sm.jpg)
The basic problem that Walter is trying to solve is that many of our
applications have their own ideas of where to store keys and certificates,
which leads to duplication and, sometimes, user confusion. If two (or
more) separate
applications are accessing the same site and service (e.g. https), it would
be much simpler if they were both using the same cryptographic information.
Centralizing the storage of keys and certificates will make it easier for
users to migrate that data to new systems as well.
The current crop of desktop encryption tools is good, and many of the tools are
very stable, he said, but they need to be glued together to make them
more usable. He is involved in both gnome-keyring and Seahorse development and
noted that those applications already do some consolidation. For example,
gnome-keyring stores both ssh and GPG keys, but it needs to be done
"one level lower", he said. There needs to be a single store
for keys and certificates, "so the user doesn't have to care about
where they live". There is lots of diversity on the desktop, which
"should be celebrated" but not pushed out to users, he said.
Fedora is currently porting applications to use Mozilla's Network Security
Services (NSS), which has a
certificate store, but he has an alternate proposal that will still work
with Fedora's solution. He is proposing to use PKCS#11 (p11) as the
standard for keys and certificates, because it has a number of different
useful characteristics including integrating with hardware crypto devices
and smart cards.
There are three steps that need to be taken to hide the complexity of
crypto on the desktop from the user, he said. First you need to be able to
store keys and certificates in such a way that all applications and crypto
libraries can access the same ones. Second is that the framework
needs to make consistent trust decisions. Today it is too often the case
that one desktop application can connect to a particular service or system, but
that others on the same box
cannot—or they each may need to be configured separately. Lastly, there needs to be a way for applications
to refer to keys and certificates in a consistent way, so that they (and
users) can refer to them in standard ways.
Key storage is special, Walter said, so that a simple file or database
cannot be used for that purpose. The idea is that some keys never leave the key
store, instead the store signs those keys and returns that blob for use
elsewhere. According to Walter, p11 makes for a good key store that can be
used to glue together the different libraries that are used in various
applications.
The p11 standard has "modules" that are something like drivers for
different kinds of devices or storage facilities. It has a C API that is
"old and baroque", but it does what is needed, he said. It is
"not perfectly awesome, but what it has going for it is that it is
supported in everything". Gnome-keyring and NSS already support it,
while support in GLib, OpenSSL, and others is a work in progress.
When using p11 on the desktop, there are some coordination issues that need
to be resolved for a single application that is using multiple libraries which
all use the same p11 module. That's where p11-kit comes into
play. It will coordinate the access to p11 modules as well as providing a
consistent way for applications to determine which modules are installed
and enabled on the system. It also handles some configuration duties, for
example by telling applications and crypto libraries what key store they
should be using.
Any application that is using p11 can use p11-kit because
it can be used as a p11 proxy module. Due to the module mode, it can be used
in various places without actually integrating it into the code. Walter
specifically mentioned Java and Solaris as two possibilities there. It's
BSD licensed and has no dependencies other than libc.
Trust decisions are another area that Walter would like to see addressed
and he thinks that can be done using p11 as well. A trust decision is a
positive or negative assertion about a particular object (e.g. key or
certificate). It can also associate a level of trust in the object. The
p11-glue freedesktop.org umbrella project,
which is where this work is being done, has a proposed specification
for storing these assertions.
Since the keys and other objects don't leave the key store, there needs to
be a way to consistently refer to them so that they can be reused. There
is an IETF
RFC draft for p11 universal resource identifiers (URIs) that could be
used. Those objects could then be referred to using the pkcs11:
URI scheme.
None of the p11 support is "written in stone", Walter said.
It is all still being designed and developed so he invited interested
parties to get involved and help shape it. Once the code is written and
gets into the distributions, users will have a much easier time dealing
with crypto objects for multiple applications and desktops.
Several audience questions further explored the possibilities that this
work would enable, including Mac OS X and Windows support and how to handle
PIN queries for accessing smart cards. One area that is still needing a
lot of attention is certificate revocation lists (CRLs). Revocations are
essentially negative trust assertions that could be stored. Another
possibility is to make a p11 module that exposes a directory of CRLs that
can be used by applications. There is "no actual progress
there", he said, but there are "solid plans". It is a
topic that is under active IETF discussion as well, he said.
Making desktop crypto work reliably, and largely invisibly, across all of
the applications on the free desktop would be an enormous boon for users.
Having Firefox and Chromium (as well as other browsers) share certificates
(and the level of trust the user has in them) would be quite nice, but it
reaches out even further than that. Lots of other applications are
rendering web content these days, so those could share the same information
too. Multiple email clients could hook into the same keys, regardless of
whether they were GPG keys or X.509 keys from some other email encryption
scheme. Switching to a different desktop environment would no longer
necessitate a repopulation of keys and certificates for various
services. And so on. As Walter said, it certainly has the possibility of
surprising and even impressing users who have likely been bitten by some of
these problems in the past.
[ I would like to thank KDE e.V. and the GNOME Foundation for assistance
with my travel to the Desktop Summit. ]
Comments (10 posted)
Brief items
--
xkcd
Hint to distributions and software developers: if you're going to
use libavcodec (or libavformat, etc.) for your project, consider
restricting the default build to include only *commonly* used
codecs and demuxers. The code quality of many of the more obscure
formats is questionable at best.
--
Dan Rosenberg
Comments (7 posted)
The Electronic Frontier Foundation (EFF), in collaboration with the Tor
Project, has launched an official 1.0 version of HTTPS Everywhere.
"
HTTPS Everywhere was first released as a beta test version in June
of 2010. Today's 1.0 version includes support for hundreds of additional
websites, using carefully crafted rules to switch from HTTP to
HTTPS." LWN
covered HTTPS
Everywhere in June 2010.
Full Story (comments: 10)
New vulnerabilities
cifs-utils: denial of service
| Package(s): | cifs-utils |
CVE #(s): | CVE-2011-2724
|
| Created: | August 9, 2011 |
Updated: | September 23, 2011 |
| Description: |
From the Red Hat bugzilla:
Originally the CVE-2010-0547 identifier has been assigned by Common
Vulnerabilities and Exposures to the following security issue:
client/mount.cifs.c in mount.cifs in smbfs in Samba 3.4.5 and earlier does not verify that the (1) device name and (2) mountpoint strings are composed of valid characters, which allows local users to cause a denial of service (mtab corruption) via a crafted string.
Later a bug was found in the upstream patch for this issue. More specifically:
check_mtab() calls check_newline() to check device and directory name.
check_newline() returns EX_USAGE (1) when error is detected, while check_mtab() expects -1 to indicate an error.
This bug in original CVE-2010-0547 fix (not to propagate the error properly) caused mount.cifs command on specially-crafted mount point (containing newline character) still to succeed and potentially, to corrupt mtab table on the systems, where CVE-2010-0296 glibc fix was not applied yet. |
| Alerts: |
|
Comments (none posted)
drupal7: restriction bypass
| Package(s): | drupal7 |
CVE #(s): | |
| Created: | August 9, 2011 |
Updated: | August 10, 2011 |
| Description: |
From the Drupal advisory:
Drupal 7 contains two new features: the ability to attach File upload fields to any entity type in the system and the ability to point individual File upload fields to the private file directory.
If a Drupal site is using these features on comments, and the parent node is denied access (either by a node access module or by being unpublished), the file attached to the comment can still be downloaded by non-privileged users if they know or guess its direct URL. |
| Alerts: |
|
Comments (none posted)
ecryptfs-utils: multiple vulnerabilities
| Package(s): | ecryptfs-utils |
CVE #(s): | CVE-2011-1831
CVE-2011-1832
CVE-2011-1833
CVE-2011-1834
CVE-2011-1835
CVE-2011-1836
CVE-2011-1837
|
| Created: | August 10, 2011 |
Updated: | January 9, 2012 |
| Description: |
From the Ubuntu advisory:
Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly
validated permissions on the requested mountpoint. A local attacker could
use this flaw to mount to arbitrary locations, leading to privilege
escalation. (CVE-2011-1831)
Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly
validated permissions on the requested mountpoint. A local attacker could
use this flaw to unmount to arbitrary locations, leading to a denial of
service. (CVE-2011-1832)
Vasiliy Kulikov and Dan Rosenberg discovered that eCryptfs incorrectly
validated permissions on the requested source directory. A local attacker
could use this flaw to mount an arbitrary directory, possibly leading to
information disclosure. A pending kernel update will provide the other
half of the fix for this issue. (CVE-2011-1833)
Dan Rosenberg and Marc Deslauriers discovered that eCryptfs incorrectly
handled modifications to the mtab file when an error occurs. A local
attacker could use this flaw to corrupt the mtab file, and possibly unmount
arbitrary locations, leading to a denial of service. (CVE-2011-1834)
Marc Deslauriers discovered that eCryptfs incorrectly handled keys when
setting up an encrypted private directory. A local attacker could use this
flaw to manipulate keys during creation of a new user. (CVE-2011-1835)
Marc Deslauriers discovered that eCryptfs incorrectly handled permissions
during recovery. A local attacker could use this flaw to possibly access
another user's data during the recovery process. This issue only applied to
Ubuntu 11.04. (CVE-2011-1836)
Vasiliy Kulikov discovered that eCryptfs incorrectly handled lock counters.
A local attacker could use this flaw to possibly overwrite arbitrary files.
The default symlink restrictions in Ubuntu 10.10 and 11.04 should protect
against this issue. (CVE-2011-1837) |
| Alerts: |
|
Comments (none posted)
flash-plugin: doom and destruction
Comments (1 posted)
glpi: information disclosure
| Package(s): | glpi |
CVE #(s): | CVE-2011-2720
|
| Created: | August 4, 2011 |
Updated: | February 7, 2012 |
| Description: |
From the Red Hat Bugzilla entry:
It was found that GLPI, the Information Resource-Manager with an additional
Administration-Interface, did not properly blacklist certain sensitive
variables (like GLPI username and password). A remote attacker could use this
flaw to obtain access to plaintext form of these values via specially-crafted
HTTP POST request.
|
| Alerts: |
|
Comments (none posted)
libcap: insecure chroot
| Package(s): | libcap |
CVE #(s): | |
| Created: | August 8, 2011 |
Updated: | August 10, 2011 |
| Description: |
From the CWE entry:
Improper use of chroot() may allow attackers to escape from the chroot jail. The chroot() function call does not change the process's current working directory, so relative paths may still refer to file system resources outside of the chroot jail after chroot() has been called. |
| Alerts: |
|
Comments (none posted)
p7zip: multiple vulnerabilities
| Package(s): | p7zip |
CVE #(s): | |
| Created: | August 9, 2011 |
Updated: | August 10, 2011 |
| Description: |
p7zip is a port of 7za.exe for Unix. 7-Zip is a file archiver with a very high compression ratio. The original version can be found at
http://www.7-zip.org/.
p7zip 9.20.1 fixes multiple bugs.
|
| Alerts: |
|
Comments (none posted)
phpMyAdmin: multiple vulnerabilities
| Package(s): | phpMyAdmin |
CVE #(s): | CVE-2011-2643
CVE-2011-2718
CVE-2011-2719
|
| Created: | August 5, 2011 |
Updated: | August 15, 2011 |
| Description: |
From the CVE entries:
Directory traversal vulnerability in sql.php in phpMyAdmin 3.4.x before 3.4.3.2, when configuration storage is enabled, allows remote attackers to include and execute arbitrary local files via directory traversal sequences in a MIME-type transformation parameter. (CVE-2011-2643)
Multiple directory traversal vulnerabilities in the relational schema implementation in phpMyAdmin 3.4.x before 3.4.3.2 allow remote authenticated users to include and execute arbitrary local files via directory traversal sequences in an export type field, related to (1) libraries/schema/User_Schema.class.php and (2) schema_export.php. (CVE-2011-2718)
libraries/auth/swekey/swekey.auth.lib.php in phpMyAdmin 3.x before 3.3.10.3 and 3.4.x before 3.4.3.2 does not properly manage sessions associated with Swekey authentication, which allows remote attackers to modify the SESSION superglobal array, other superglobal arrays, and certain swekey.auth.lib.php local variables via a crafted query string, a related issue to CVE-2011-2505. (CVE-2011-2719) |
| Alerts: |
|
Comments (none posted)
quake3: arbitrary command/code execution
| Package(s): | quake3 |
CVE #(s): | CVE-2011-1412
CVE-2011-2764
|
| Created: | August 9, 2011 |
Updated: | March 8, 2012 |
| Description: |
From the CVE entries:
sys/sys_unix.c in the ioQuake3 engine on Unix and Linux, as used in World of Padman 1.5.x before 1.5.1.1 and OpenArena 0.8.x-15 and 0.8.x-16, allows remote game servers to execute arbitrary commands via shell metacharacters in a long fs_game variable. (CVE-2011-1412)
The FS_CheckFilenameIsNotExecutable function in qcommon/files.c in the ioQuake3 engine 1.36 and earlier, as used in World of Padman, Smokin' Guns, OpenArena, Tremulous, and ioUrbanTerror, does not properly determine dangerous file extensions, which allows remote attackers to execute arbitrary code via a crafted third-party addon that creates a Trojan horse DLL file. (CVE-2011-2764) |
| Alerts: |
|
Comments (none posted)
rsync: denial of service
| Package(s): | rsync |
CVE #(s): | |
| Created: | August 5, 2011 |
Updated: | August 10, 2011 |
| Description: |
From the Scientific Linux advisory:
The previous rsync security errata update, which was applied with the
rsync tool update to version 3.0.6-4, introduced a patch which fixed the
issue with missing memory deallocation. Due to an error in that patch,
the following new issue appeared: when specifying the source or
destination argument of the rsync command without the optional user@
argument, rsync failed to provide the correct parameters to an external
command, such as ssh, and thus rsync failed with an error. |
| Alerts: |
|
Comments (none posted)
squirrelmail: multiple vulnerabilities
| Package(s): | squirrelmail |
CVE #(s): | CVE-2011-2752
CVE-2011-2753
|
| Created: | August 8, 2011 |
Updated: | August 15, 2011 |
| Description: |
From the CVE entries:
CRLF injection vulnerability in SquirrelMail 1.4.21 and earlier allows remote attackers to modify or add preference values via a \n (newline) character, a different vulnerability than CVE-2010-4555. (CVE-2011-2752)
Multiple cross-site request forgery (CSRF) vulnerabilities in SquirrelMail 1.4.21 and earlier allow remote attackers to hijack the authentication of unspecified victims via vectors involving (1) the empty trash implementation and (2) the Index Order (aka options_order) page, a different issue than CVE-2010-4555. (CVE-2011-2753) |
| Alerts: |
|
Comments (none posted)
typo3-src: multiple vulnerabilities
| Package(s): | typo3-src |
CVE #(s): | |
| Created: | August 8, 2011 |
Updated: | August 10, 2011 |
| Description: |
From the Debian advisory:
Several remote vulnerabilities have been discovered in the TYPO3 web
content management framework: cross-site scripting, information
disclosure, authentication delay bypass, and arbitrary file deletion.
More details can be found in the Typo3 security advisory:
http://typo3.org/teams/security/security-bulletins/typo3-... |
| Alerts: |
|
Comments (none posted)
virtualbox: privilege escalation
| Package(s): | virtualbox |
CVE #(s): | CVE-2011-2300
CVE-2011-2305
|
| Created: | August 5, 2011 |
Updated: | April 10, 2012 |
| Description: |
From the CVE entries:
Unspecified vulnerability in Oracle VM VirtualBox 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors related to Guest Additions for Windows. (CVE-2011-2300)
Unspecified vulnerability in Oracle VM VirtualBox 3.0, 3.1, 3.2, and 4.0 allows local users to affect confidentiality, integrity, and availability via unknown vectors. (CVE-2011-2305) |
| Alerts: |
|
Comments (none posted)
wireshark: denial of service
| Package(s): | wireshark |
CVE #(s): | CVE-2011-2698
|
| Created: | August 8, 2011 |
Updated: | January 14, 2013 |
| Description: |
From the Pardus advisory:
An infinite loop was found in the way ANSI A Interface (IS-634/IOS)
dissector of the Wireshark network traffic analyzer processed certain
ANSI A MAP capture files. If Wireshark read a malformed packet off a
network or opened a malicious
packet capture file, it could lead to denial of service (Wireshark
hang).
|
| Alerts: |
|
Comments (none posted)
Page editor: Jake Edge
Next page: Kernel development>>
