Confirmation for cached passphrases useful?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Tue Oct 12 09:05:56 CEST 2010

On 10/12/2010 02:26 AM, Werner Koch wrote:
> On Tue, 12 Oct 2010 04:44, dkg at fifthhorseman.net said:
>
>> (e.g. one process can send a simulated mouseclick to another process
>> pretty easily) but that doesn't mean no one is running with a
>
> The standard pinentry grabs mouse and keyboard and thus we should be
> protected against this kind of attack.

I think that grabbing mouse and kbd prevents other tools from *reading*
the kbd and mouse events. It doesn't prevent synthesized events from
triggering those inputs (e.g. clicking "OK" on a button).

As a simple example, try:

  sleep 3 && xdotool key Return & echo GETPIN xxx | pinentry

The backgrounded process hits the enter key on a foregrounded (grabbed)
pinentry-gtk.

So while it's useful to protect passphrase entry from other snooping X11
applications, I don't think that the kbd/mouse grab approach is
sufficient protection for a simple confirmation prompt dialog box.

I'd be happy to be corrected on this if I'm wrong, of course.

Regards,

--dkg