Passwords aren't protected in-memory

Bug #284512 reported by Michael Terry
This bug affects 18 people
Affects: Déjà Dup
Status: Confirmed
Importance: Low
Assigned to: Unassigned

Bug Description

Passwords aren't protected in-memory. deja-dup gets them from gnome-keyring, and just holds them plaintext in memory. This should really be improved.

Michael Terry (mterry)
Changed in deja-dup:
status: New → Confirmed
Michael Terry (mterry)
Changed in deja-dup:
importance: Undecided → Medium
Michael Terry (mterry) wrote :

Likewise, when passing them to duplicity, they are stored in the child process's environment. I believe Linux protects other processes' environments, but that doing so is not guaranteed across POSIX. This would require changes in duplicity to allow passing passwords another way (via pipes or whatnot).

Michael Terry (mterry)
Changed in deja-dup:
importance: Medium → Low
mlissner (mlissner-michaeljaylissner) wrote :

As a budding programmer, I'm curious how you can read the values in memory? Seems hard, but if you're willing to tell me, I'm quite curious.

Michael Terry (mterry) wrote :

I believe when it is paged to the swap area, which usually isn't encrypted. I don't know how easy it is to grab the values once it is in the swap, but I think that's the general idea.

We could prevent this by using libgnome-keyring's non-pageable memory support: http://developer.gnome.org/gnome-keyring/stable/gnome-keyring-Non-pageable-Memory.html
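
As an added illustration (not part of the comment above, and not Déjà Dup, duplicity or libgnome-keyring code), this C example combines the two mitigations raised in this thread: taking the passphrase from a pipe instead of the environment, and holding it in pages pinned with mlock() so they are not written to swap. The `secret_*` names and the sample passphrase used to exercise it are hypothetical.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE            /* exposes MAP_ANONYMOUS under strict -std= */
#endif
#include <string.h>
#include <sys/mman.h>
#include <unistd.h>

typedef struct {
    char  *data;     /* page-aligned anonymous mapping holding the secret */
    size_t cap, len; /* mapping size and bytes currently stored */
    int    locked;   /* 1 if mlock() pinned the pages in RAM (no swap-out) */
} secret_buf;

/* Map whole pages; b->locked records whether mlock() pinned them in RAM. */
int secret_init(secret_buf *b, size_t want) {
    size_t page = (size_t)sysconf(_SC_PAGESIZE);
    b->cap = (want + page - 1) / page * page;
    b->len = 0;
    b->data = mmap(NULL, b->cap, PROT_READ | PROT_WRITE,
                   MAP_PRIVATE | MAP_ANONYMOUS, -1, 0);
    if (b->data == MAP_FAILED) { b->data = NULL; return -1; }
    b->locked = (mlock(b->data, b->cap) == 0);
    return 0;
}

/* Zero through a volatile pointer so the compiler cannot elide the wipe. */
void secret_wipe(secret_buf *b) {
    volatile char *p = b->data;
    for (size_t i = 0; i < b->cap; i++) p[i] = 0;
    b->len = 0;
}

/* Read one line from fd (e.g. a pipe) straight into the locked pages. */
long secret_read_line(secret_buf *b, int fd) {
    for (b->len = 0; b->len + 1 < b->cap; b->len++) {
        ssize_t n = read(fd, b->data + b->len, 1);
        if (n < 0) { secret_wipe(b); return -1; }
        if (n == 0 || b->data[b->len] == '\n') break;
    }
    b->data[b->len] = '\0';
    return (long)b->len;
}

/* Wipe before unmapping; munmap() also releases the lock. */
void secret_free(secret_buf *b) {
    if (!b->data) return;
    secret_wipe(b);
    munmap(b->data, b->cap);
    b->data = NULL;
}
```

`secret_init` returns -1 only when the mapping itself fails; if `locked` is 0 afterwards (for example because RLIMIT_MEMLOCK is too low), the caller has to decide whether to go on with pageable memory.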

papukaija (papukaija)
security vulnerability: no → yes
This report contains Public Security information  
Everyone can see this security related information.
