Full Disclosure mailing list archives

Previous By Date Next
Previous By Thread Next

Re: PcwRunAs Password Obfuscation Design Flaw

From: Valdis.Kletnieks () vt edu
Date: Wed, 28 Mar 2012 13:28:32 -0400
On Wed, 28 Mar 2012 11:34:56 -0400, Jeffrey Walton said:

Under Linux, about the best you can do to avoid hard coded passwords
in source files is store the password in a file, and then clamp the
ACL on the file so only tomcat, apache, or whomever can read.
Generally, it means you remove world and group.


Or clamp down even further using SELinux, which can get you to the
point of "only /usr/bin/httpd can read this file".  Combine this with
"only the init process can launch httpd", and it gets pretty hard for
an attacker to get at the passwords without a complete system
compromise.

(Yes, it's still vulnerable to "exploit allows running arbitrary code
in the httpd process's context" and similar. I *said* "pretty hard",
not "impossible" ;)

Attachment: _bin
Description: 

_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/
Previous By Date Next
Previous By Thread Next

Current thread: