Earn an NSA recognized IA Masters Online
The NSA has designated Norwich University a center of Academic Excellence in Information Security. Our program offers unparalleled Infosec management education and the case study affords you unmatched consulting experience. Using interactive e-Learning technology, you can earn this esteemed degree, without disrupting your career or home life.
pgp Key Signing
Observations: Overlooked Social and Technical Considerations
By: Atom Smasher
While there are several sources of technical information on using pgp in general, and key signing in particular, this article emphasizes social aspects of key signing that are too often ignored, misleading or incorrect in the technical literature. There are also technical issues pointed out where I believe other documentation to be lacking. It is important to acknowledge and address social aspects in a system such as pgp, because the weakest link in the system is the human that is using it. The algorithms, protocols and applications used as part of a pgp system are relatively difficult to compromise or 'break', but the human user can often be easily fooled. Since the human is the weak link in this chain, attention must be paid to actions and decisions of that human; users must be aware of the pitfalls and know how to avoid them.
AUDIENCE
This document is intended to be of use to those wishing to participate in the exchange of signatures on their OpenPGP keys. It is assumed that the reader has a basic understanding of pgp, what it's used for and how to use it. Those more experienced with pgp may wish to skip the sections they are familiar with, but it is suggested that even the basic information be reviewed.
OBSERVATIONS ON GENERATING AND MAINTAINING KEYS
When one first generates a key, it is important that it be done on a secure machine in a secure environment. One attack against pgp that is rarely mentioned allows Mallory to steal or even replace a pgp key before it is distributed. Mallory would need to compromise Bob's computer prior to Bob's creation of a key.
Mallory could then eavesdrop on Bob as he types the pgp passphrase for the first time, and steal the passphrase along with the secret key. In this case Bob's key is compromised before it even exists.
If at any time Mallory is able to break into Bob's computer, she can steal his private key and wait for him to type in his pgp passphrase. Mallory may use a virus or trojan to accomplish this. A screwdriver or bootable CD can compromise the private key. A spy camera or key-logger can compromise the passphrase. This would allow Mallory to read any message ever encrypted to Bob and sign any message or key with Bob's signature.
Aside from keeping his personal computer secure, Bob should save a copy of his private key in a secure, off-line, off-site location. This off-line and off-site backup keeps Bob's private key secure against loss from such things as disk crash or his computer being stolen by either common or government thieves. Depending on who is out to get him, he may consider it more secure to burn his private key onto a CD and store it in a bank safe, or print it onto paper and hide it inside a painting. As always, the most appropriate meaning of 'secure' is left to the needs and perceptions of the reader.
Note that it is often unnecessary to make a backup copy of a public key for two reasons: 1) if it is publicly available and can be retrieved from a keyserver and 2) the "gpgsplit" command has a "secret-to-public" option that can recover a public key from a private key. Note that gpgsplit may not recover accurate expiration dates and preferences if they were updated after the key was created.
One should never sign a key (or use pgp at all) on an untrusted computer or in an untrusted environment. Gather the information needed to sign a key and sign it when you get home. If your home computer and environment are not trusted, you have bigger problems to worry about.
Read Entire Article
features/features/pgp-key-signing-observations-overlooked-social-and-technical-considerations
LinuxSecurity.com Feature Extras:
EnGarde Secure Community 3.0.4 Released - Guardian Digital is happy to announce the release of EnGarde Secure Community 3.0.4 (Version 3.0, Release 4). This release includes several bug fixes and feature enhancements to the Guardian Digital WebTool and the SELinux policy, and several new packages available for installation.
Linux File & Directory Permissions Mistakes - One common mistake Linux administrators make is having file and directory permissions that are far too liberal and allow access beyond that which is needed for proper system operations. A full explanation of unix file permissions is beyond the scope of this article, so I'll assume you are familiar with the usage of such tools as chmod, chown, and chgrp. If you'd like a refresher, one is available right here on linuxsecurity.com.
Introduction: Buffer Overflow Vulnerabilities - Buffer overflows are a leading type of security vulnerability. This paper explains what a buffer overflow is, how it can be exploited, and what countermeasures can be taken to prevent the use of buffer overflow vulnerabilities.
Take advantage of our Linux Security discussion
list! This mailing list is for general security-related questions and comments.
To subscribe send an e-mail to
Thank you for reading the LinuxSecurity.com weekly security newsletter. The purpose of this document is to provide our readers with a quick summary of each week's most relevant Linux security headline.
Debian | ||
Debian: New adzapper packages fix denial of service | ||
9th, February, 2006
Updated package. advisories/debian/debian-new-adzapper-packages-fix-denial-of-service |
||
Debian: New elog packages fix arbitrary code execution | ||
10th, February, 2006
Several security problems have been found in elog, an electonic logbook to manage notes. The Common Vulnerabilities and Exposures Project identifies the following problems... advisories/debian/debian-new-elog-packages-fix-arbitrary-code-execution-75949 |
||
Debian: New noweb packages fix insecure temporary file creation | ||
13th, February, 2006
Updated package. advisories/debian/debian-new-noweb-packages-fix-insecure-temporary-file-creation |
||
Debian: New scponly packages fix potential root vulnerability | ||
13th, February, 2006
Updated package. advisories/debian/debian-new-scponly-packages-fix-potential-root-vulnerability |
||
Debian: New kronolith packages fix cross-site scripting | ||
14th, February, 2006
Updated package. advisories/debian/debian-new-kronolith-packages-fix-cross-site-scripting |
||
Debian: New xpdf packages fix denial of service | ||
14th, February, 2006
Updated package. advisories/debian/debian-new-xpdf-packages-fix-denial-of-service |
||
Debian: New pdfkit.framework packages fix denial of service | ||
15th, February, 2006
Updated package. advisories/debian/debian-new-pdfkitframework-packages-fix-denial-of-service |
||
Debian: New OTRS packages fix several vulnerabilities | ||
15th, February, 2006
Updated package. advisories/debian/debian-new-otrs-packages-fix-several-vulnerabilities |
||
Debian: New gpdf packages fix denial of service | ||
15th, February, 2006
Updated package. advisories/debian/debian-new-gpdf-packages-fix-denial-of-service-85274 |
||
Debian: New nfs-user-server packages fix arbitrary code execution | ||
15th, February, 2006
Marcus Meissner discovered that attackers can trigger a buffer overflow in the path handling code by creating or abusing existing symlinks, which may lead to the execution of arbitrary code. |
||
Debian: New libast packages fix arbitrary code execution | ||
15th, February, 2006
Johnny Mast discovered a buffer overflow in libast, the library of assorted spiffy things, that can lead to the execution of arbitary code. This library is used by eterm which is installed setgid uid which leads to a vulnerability to alter the utmp file. advisories/debian/debian-new-libast-packages-fix-arbitrary-code-execution |
||
Debian: New heimdal packages fix several vulnerabilities | ||
16th, February, 2006
Updated package. advisories/debian/debian-new-heimdal-packages-fix-several-vulnerabilities |
||
Fedora | ||
Fedora Core 4 Update: poppler-0.4.5-1.1 | ||
10th, February, 2006
Heap-based buffer overflow in Splash.cc in poppler, allows attackers to cause a denial of service and possibly execute arbitrary code via crafted splash images that produce certain values that exceed the width or height of the associated bitmap. advisories/fedora/fedora-core-4-update-poppler-045-11-10-38-00-121591 |
||
Fedora Core 4 Update: xpdf-3.01-0.FC4.8 | ||
10th, February, 2006
xpdf contains a heap based buffer overflow in the splash rasterizer engine that can crash kpdf or even execute arbitrary code. Users impacted by these issues, should update to this new package release. advisories/fedora/fedora-core-4-update-xpdf-301-0fc48-10-38-00-121592 |
||
Fedora Core 4 Update: kdegraphics-3.5.1-0.2.fc4 | ||
10th, February, 2006
kpdf, the KDE pdf viewer, shares code with xpdf. xpdf contains a heap based buffer overflow in the splash rasterizer engine that can crash kpdf or even execute arbitrary code. Users impacted by these issues, should update to this new package release. advisories/fedora/fedora-core-4-update-kdegraphics-351-02fc4-10-39-00-121593 |
||
Fedora Core 4 Update: gnutls-1.0.25-2.FC4 | ||
10th, February, 2006
Updated package. advisories/fedora/fedora-core-4-update-gnutls-1025-2fc4-20-20-00-121596 |
||
Fedora Core 4 Update: cpuspeed-1.2.1-1.24_FC4 | ||
12th, February, 2006
Updated package. advisories/fedora/fedora-core-4-update-cpuspeed-121-124fc4-00-23-00-121597 |
||
Fedora Core 4 Update: pam_krb5-2.1.15-2 | ||
14th, February, 2006
This update fixes several bugs which have been found since FC4 was released. advisories/fedora/fedora-core-4-update-pamkrb5-2115-2-11-26-00-121627 |
||
Fedora Core 4 Update: postgresql-8.0.7-1.FC4.1 | ||
14th, February, 2006
Updated package. advisories/fedora/fedora-core-4-update-postgresql-807-1fc41-12-00-00-121629 |
||
Fedora Core 4 Update: selinux-policy-targeted-1.27.1-2.22 | ||
14th, February, 2006
Zebra was still broken. Hopefully fixed by this update. advisories/fedora/fedora-core-4-update-selinux-policy-targeted-1271-222-14-02-00-121630 |
||
Fedora Core 4 Update: selinux-policy-strict-1.27.1-2.22 | ||
14th, February, 2006
Zebra was still broken. Hopefully fixed by this update. advisories/fedora/fedora-core-4-update-selinux-policy-strict-1271-222-14-02-00-121631 |
||
Gentoo | ||
Gentoo: Xpdf, Poppler Heap overflow | ||
12th, February, 2006
Xpdf and Poppler are vulnerable to a heap overflow that may be exploited to execute arbitrary code. |
||
Gentoo: KPdf Heap based overflow | ||
12th, February, 2006
KPdf includes vulnerable Xpdf code to handle PDF files, making it vulnerable to the execution of arbitrary code. |
||
Gentoo: ImageMagick Format string vulnerability | ||
13th, February, 2006
A vulnerability in ImageMagick allows attackers to crash the application and potentially execute arbitrary code. |
||
Gentoo: KPdf Heap based overflow | ||
13th, February, 2006
KPdf includes vulnerable Xpdf code to handle PDF files, making it vulnerable to the execution of arbitrary code. |
||
Gentoo: Sun JDK/JRE Applet privilege escalation | ||
14th, February, 2006
Sun's Java Development Kit (JDK) and Java Runtime Environment (JRE) do not adequately constrain applets from privilege escalation and arbitrary code execution. |
||
Gentoo: libtasn1, GNU TLS Security flaw in DER decoding | ||
16th, February, 2006
A flaw in the parsing of Distinguished Encoding Rules (DER) has been discovered in libtasn1, potentially resulting in the execution of arbitrary code. |
||
Gentoo: BomberClone Remote execution of arbitrary code | ||
16th, February, 2006
BomberClone is vulnerable to a buffer overflow which may lead to remote execution of arbitrary code. |
||
Mandriva | ||
Mandriva: Updated ghostscript packages fix various bugs | ||
10th, February, 2006
A number of bugs have been corrected with this latest ghostscript package including a fix when rendering imaged when converting PostScript to PDF with ps2pdf, a crash when generating PDF files with the pdfwrite device, several segfaults, a fix for vertical japanese text, and a number of other fixes. |
||
Mandriva: Updated gnutls packages fix libtasn1 out-of-bounds access vulnerabilities | ||
14th, February, 2006
Evgeny Legerov discovered cases of possible out-of-bounds access in the DER decoding schemes of libtasn1, when provided with invalid input. This library is bundled with gnutls. The provided packages have been patched to correct these issues. |
||
Mandriva: Updated postgresql packages fix various bugs | ||
14th, February, 2006
Various bugs in the PostgreSQL 8.0.x branch have been corrected with the latest 8.0.7 maintenance release which is being provided for Mandriva Linux 2006 users. |
||
Red Hat | ||
RedHat: Important: gnutls security update | ||
10th, February, 2006
Updated gnutls packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-gnutls-security-update-74087 |
||
RedHat: Important: xpdf security update | ||
13th, February, 2006
An updated xpdf package that fixes a buffer overflow security issue is now available. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-xpdf-security-update-71640 |
||
RedHat: Moderate: libpng security update | ||
13th, February, 2006
Updated libpng packages that fix a security issue are now available for Red Hat Enterprise Linux 4. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-libpng-security-update-20383 |
||
RedHat: Important: kdegraphics security update | ||
13th, February, 2006
Updated kdegraphics packages that resolve a security issue in kpdf are now available. This update has been rated as having important security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-important-kdegraphics-security-update-59910 |
||
RedHat: Moderate: ImageMagick security update | ||
14th, February, 2006
Updated ImageMagick packages that fix two security issues are now available. This update has been rated as having moderate security impact by the Red Hat Security Response Team. advisories/red-hat/redhat-moderate-imagemagick-security-update-73292 |
||
SuSE | ||
SuSE: kernel remote denial of service | ||
9th, February, 2006
The Linux kernel on SUSE Linux 10.0 has been updated to fix following security problems... |
||
SuSE: binutils, kdelibs3, kdegraphics3, koffice, dia, lyx | ||
10th, February, 2006
A SUSE specific patch to the GNU linker 'ld' removes redundant RPATH and RUNPATH components when linking binaries. Due to a bug in this routine ld occasionally left empty RPATH components. When running a binary with empty RPATH components the dynamic linker tries to load shared libraries from the current directory. |
||
SuSE: openssh (SUSE-SA:2006:008) | ||
14th, February, 2006
Updated package. |
||