From: Solar Designer <solar@openwall.com>
To: musl@lists.openwall.com
Subject: Re: crypt* files in crypt directory
Date: Thu, 9 Aug 2012 19:52:55 +0400 [thread overview]
Message-ID: <20120809155254.GA28303@openwall.com> (raw)
In-Reply-To: <20120809054804.GO27715@brightrain.aerifal.cx>
On Thu, Aug 09, 2012 at 01:48:04AM -0400, Rich Felker wrote:
> On Thu, Aug 09, 2012 at 08:04:32AM +0400, Solar Designer wrote:
> > For DoS via high iteration count, I see no good solution other than to
> > accept this as a possibility for when group shadow is compromised.
>
> Well it's also a possibility if you're using crypt to validate
> passwords where both the hash and password are provided by a third
> party. I think that's a major problem. I generally frown upon
> interfaces where the run time is non-obviously superlinear in the
> input size.
I agree that it's not great that this problem exists, but I am unsure if
trying to solve it would make things better overall.
> I don't see any down-size to limiting the iteration count if the limit
> is reasonable. For instance if the limit were such that higher counts
> would take more than 1 second on a theoretical 50 GHz variant of a
> modern cpu (which is faster than a single core will EVER be able to
> get), there's no way they would be practical to use, and there's no
> sense in supporting them except to satisfy a fetish for "no arbitrary
> limits" even when it conflicts with security and robustness. This
> would at least ensure the function can't get stuck running for
> hours/days/weeks at a time.
>
> The hard part is putting the limit at some point a good bit lower.
This makes some sense.
> > /usr/bin/passwd and (if enabled) /usr/bin/chage on Owl are SGID shadow.
>
> If reading your own password hash also requires sgid-shadow, then
> screen is sgid-shadow. Which means any user can easily get full shadow
> group perms (since screen is full of vulns if it's running suid/sgid)
> and thus you might as well not have had the group protection to begin
> with. Same applies to things like xlock.
No, screen is SGID screen, and group screen provides access to the
tcb_chkpwd and utempter helpers, which are SGID shadow and utmp,
respectively.
xlock, if installed, may be made SGID chkpwd (a group provided on Owl by
default for that possible use), which provides access to tcb_chkpwd
only. This is what doc/REDHAT (advice on using Red Hat's packages on
Owl) suggests. Being a server distro, we don't provide X ourselves.
Even if group screen or chkpwd is compromised, this only allows for
direct attacks on tcb_chkpwd - and it's a rather small program (5 KB
binary). This does not allow for group shadow access without having
found and exploited a vulnerability in tcb_chkpwd first.
Obviously, certain vulnerabilities in the dynamic linker, libc, or/and
the kernel would allow to compromise any SGID program's target group.
That would be nasty, but not fatal - e.g., DoS attacks like what we're
discussing would be possible.
Alexander
next prev parent reply other threads:[~2012-08-09 15:52 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-07-21 15:23 Łukasz Sowa
2012-07-21 17:11 ` Solar Designer
2012-07-21 20:17 ` Rich Felker
2012-07-22 16:23 ` Łukasz Sowa
2012-07-25 7:57 ` Rich Felker
2012-08-08 2:24 ` Rich Felker
2012-08-08 4:42 ` Solar Designer
2012-08-08 5:28 ` Rich Felker
2012-08-08 6:27 ` Solar Designer
2012-08-08 7:03 ` Daniel Cegiełka
2012-08-08 7:24 ` Solar Designer
2012-08-08 7:42 ` Daniel Cegiełka
2012-08-08 21:48 ` Rich Felker
2012-08-08 23:08 ` Isaac Dunham
2012-08-08 23:24 ` John Spencer
2012-08-09 1:03 ` Isaac Dunham
2012-08-09 3:16 ` Rich Felker
2012-08-09 3:36 ` Solar Designer
2012-08-09 7:13 ` orc
2012-08-09 7:28 ` Rich Felker
2012-08-09 7:29 ` Solar Designer
2012-08-09 10:53 ` Solar Designer
2012-08-09 11:58 ` Szabolcs Nagy
2012-08-09 16:43 ` Solar Designer
2012-08-09 17:30 ` Szabolcs Nagy
2012-08-09 18:22 ` Rich Felker
2012-08-09 23:21 ` Rich Felker
2012-08-10 17:04 ` Solar Designer
2012-08-10 18:06 ` Rich Felker
2012-08-09 21:46 ` crypt_blowfish integration, optimization Rich Felker
2012-08-09 22:21 ` Solar Designer
2012-08-09 22:32 ` Rich Felker
2012-08-10 17:18 ` Solar Designer
2012-08-10 18:08 ` Rich Felker
2012-08-10 22:52 ` Solar Designer
2012-08-08 7:52 ` crypt* files in crypt directory Szabolcs Nagy
2012-08-08 13:06 ` Rich Felker
2012-08-08 14:30 ` orc
2012-08-08 14:53 ` Szabolcs Nagy
2012-08-08 15:05 ` orc
2012-08-08 18:10 ` Rich Felker
2012-08-09 1:51 ` Solar Designer
2012-08-09 3:25 ` Rich Felker
2012-08-09 4:04 ` Solar Designer
2012-08-09 5:48 ` Rich Felker
2012-08-09 15:52 ` Solar Designer [this message]
2012-08-09 17:59 ` Rich Felker
2012-08-09 21:17 ` Rich Felker
2012-08-09 21:44 ` Solar Designer
2012-08-09 22:08 ` Rich Felker
2012-08-09 23:33 ` Rich Felker
2012-08-09 6:03 ` Rich Felker
-- strict thread matches above, loose matches on Subject: below --
2012-07-17 9:40 Daniel Cegiełka
2012-07-17 17:51 ` Rich Felker
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20120809155254.GA28303@openwall.com \
--to=solar@openwall.com \
--cc=musl@lists.openwall.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
Code repositories for project(s) associated with this public inbox
https://git.vuxu.org/mirror/musl/
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).