On Fri, Aug 22, 2008 at 4:54 PM, Michael J Gruber <[EMAIL PROTECTED]> wrote:
> > As Paul pointed out, the keys are different, and the Fedora key was not > in use (no passphrase typed in) during the critical time frame. Yep. Just wondering how the attacker retrieved the passphrase for Red Hat. Looking at this paper[1], gpg is quite safe regarding its memory use while processing the passphrase. Except if you use a terminal that will intercept and store the passphrase somewhere in memory ;-) Could be very interesting to know how the attacker was able to catch the passphrase. (maybe via a bash_history containing the passphrase typed in the shell prompt ;-) [1] http://philosecurity.org/pubs/davidoff-clearmem-linux.pdf > Funny > thing is: > > - Fedora's key will be changed, not RHEL's, which has been compromised. > - High security private keys are best kept in bare metal and used on > boxes without incoming network. This doesn't seem to apply to the > package signing keys. This is a very good point. Signing key should be done on a dedicated system where there is no permanent network connectivity. Maybe that could be a good enhancement for the future ;-) Thanks for the feedback, adulau -- -- Alexandre Dulaunoy (adulau) -- http://www.foo.be/ -- http://www.foo.be/cgi-bin/wiki.pl/Diary -- "Knowledge can create problems, it is not through ignorance -- that we can solve them" Isaac Asimov -- fedora-list mailing list fedora-list@redhat.com To unsubscribe: https://www.redhat.com/mailman/listinfo/fedora-list
