"brian m. carlson" <sand...@crustytoothpaste.net> writes:

> First, the code to verify the integrity hash is done with memcmp. This
> is not safe against timing attacks, so an attacker can tamper with the
> data and determine how much of the hash matches based on the amount of
> time it takes[0]. This comparison should be done in a constant-time
> way.
>
> [0] This can be a problem with an untrusted container with the user's
> home directory mounted in it. There's documentation for VS Code that
> tells people how to do exactly this, so it's clearly a common situation.

Could you elaborate which document you are referring to? I'm wondering how it can be a problem provided that VS Code and gnome-keyring-daemon are running as a separate process. I believe that both snap and flatpak provide a process isolation mechanism.

> This was originally reported to the Debian Security Team on February 3,
> but they were unable to issue a CVE, so I reported it to the GNOME
> Security Team on February 4. The response was the gnome-keyring team is
> "aware of those issues" but they "don't think those issues are severe
> enough to urge an immediate fix" and plan to address them at an
> unspecified point in the future.

It's a bit disappointing that you didn't quote the full response with the additional context. Here it goes, for reference:

--8<---------------cut here---------------start------------->8---
Hello Brian,

First, thank you for reaching out to us. We were aware of those issues and have been piloting a new keyring format in libsecret[1], that should address most of them, aiming at eventually merging it back to gnome-keyring. That said, we don't think those issues are severe enough to urge an immediate fix.

I'm also particularly concerned with the use of AES-GCM you suggested for encrypting data at rest, considering its brittleness in terms of nonce reuse, and that using a key wrapping algorithm would be more appropriate for certification purposes[2].

Footnotes:
[1] https://opensource.com/article/19/11/secrets-management-flatpak-applications
[2] https://phabricator.services.mozilla.com/D54589#1662092

Regards,
--8<---------------cut here---------------end--------------->8---
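
The memcmp point quoted at the top of this message, as an added example that is not part of the thread and is not gnome-keyring code: an early-exit comparison reads a number of bytes that depends on where the first mismatch is, while a constant-time comparison reads every byte regardless. The function names and the 16-byte digests are hypothetical and constructed for illustration.

```c
#include <stddef.h>
#include <stdio.h>
#include <string.h>

/* Models an early-exit comparison such as memcmp: stops at the first
 * mismatch. *examined reports how many bytes were read, which is the
 * quantity a timing measurement would reveal. */
static int leaky_equal(const unsigned char *a, const unsigned char *b,
                       size_t n, size_t *examined)
{
    size_t i;
    for (i = 0; i < n && a[i] == b[i]; i++)
        ;
    *examined = (i < n) ? i + 1 : n;
    return i == n;
}

/* Constant-time comparison: always reads all n bytes and folds the
 * differences into one accumulator, with no data-dependent branch.
 * The volatile accumulator discourages the compiler from adding one. */
static int ct_equal(const unsigned char *a, const unsigned char *b,
                    size_t n, size_t *examined)
{
    volatile unsigned char diff = 0;
    size_t i;
    for (i = 0; i < n; i++)
        diff |= (unsigned char)(a[i] ^ b[i]);
    *examined = n;
    return diff == 0;
}

int main(void)
{
    /* Constructed digests, not taken from any real keyring file. */
    unsigned char stored[16], early[16], late[16];
    size_t n_early, n_late;
    memset(stored, 0xAB, sizeof stored);
    memcpy(early, stored, sizeof stored); early[0] ^= 1;  /* first byte wrong */
    memcpy(late, stored, sizeof stored);  late[15] ^= 1;  /* last byte wrong */
    leaky_equal(stored, early, 16, &n_early);
    leaky_equal(stored, late, 16, &n_late);
    printf("early-exit:    %zu vs %zu bytes examined\n", n_early, n_late);
    ct_equal(stored, early, 16, &n_early);
    ct_equal(stored, late, 16, &n_late);
    printf("constant-time: %zu vs %zu bytes examined\n", n_early, n_late);
    return 0;
}
```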