On 27.04.2013 06:45, Stephen J. Turnbull wrote:

>  > 2. Your list has elevated security requirements. In this case, you can
>  > use gpg-agent to manage the secret key (and its passphrase).
> 
> I don't understand what threat you propose to address in this way.
> It's true that you can prevent the attacker from getting access to the
> key (using agent forwarding or a token, it need not be on the exposed
> host at all), but we're assuming he has access to the host and the
> Mailman process.

The gpg-agent approach protects you from all storage-related attacks:
- unencrypted backups
- physical access to the hard drive
- etc.

It does not protect from attackers who have access to the contents of
the computer's RAM:
- raw memory access and scanning for the secret key (requires root)
- memory dump via DMA-enabled interfaces (FireWire, PC Card, ...)
- cold boot attacks


Stefan.