On 07/27/2015 09:12 AM, Carlos E. R. wrote:
Personally I think that the idea of having a cleartext version available anywhere is a bad idea. If it matters that much there should be no cleartext version anywhere except in memory.
And that's where it will be. tmpfs is memory.
No. a tmpfs is part of the file system.
A process ram can be read by another process with sufficient privileges. Read the GPG docs.
This is where Chris would start talking about AppArmour and SELinux as containment measures. We all know that unless you take additional measures 'root' is all powerful and many sites hand out root access like candy. That and there are many ways to get root access or trojan a system. UNIX/Linux is not immune. Its not that it can't be strapped down tight. What do you think all those Linux servers on wall Street handing million dollar transactions are about? But that level of knowledge and diligence and the constraints they operate under are different from out home based workstations. You can bet such organizations handle email in a very different way and have dedicated machines and pathways for it.
Of course all this is really a pole of crap, isn't it? You're not using those IMAP/POP passwords anywhere else are you?
No, but an attacker with access to a person email can request the password for many other services to be reset. A link is sent to the mail, click, change password. Even to banks.
That's my issue.
You don't have to have access to my email to request a password reset. A good system will send me a notification and a URL as a result of request. Perhaps that can be MitM'd and I won't see it and you can act on it. But if you have that level of access you can do many other things. its sort of like the inconsistencies about the access control in that movie, what was it 'ex machina', I think. if you can MitM my communications why waste time resetting some of my web accounts. A bad reset system won't mail me back with a URL; it will just let you do the reset. There are a few of those around. Nobody says that web site developers put security first and foremost. The real problem here is quite simple: PASSWORDS. What? Oh Sorry, the real problem is that the users prefer dancing pigs, as Bruce Schneier says. Convenience trumps security. You could have a PGP-like authentication which forgets the long, certificate based two-factor authentication and makes you re-enter it every few minutes. But you'd go crazy. You'd never get any work done. Try, for example, having a password protected screen saver that come in after 2 seconds of inactivity ... that level of re-authentication. -- A: Yes. > Q: Are you sure? >> A: Because it reverses the logical flow of conversation. >>> Q: Why is top posting frowned upon? -- To unsubscribe, e-mail: opensuse+unsubscribe@opensuse.org To contact the owner, e-mail: opensuse+owner@opensuse.org