Vulnerability with compromised geli credentials?
- From: "Abiron Arroyo" <abi@xxxxxxxxxxxx>
- Date: Sat, 17 May 2008 17:41:13 -0700 (PDT)
I'm not really a developer, but was considering if there is a key
vulnerability in geli given that when you change a key there isn't a disk
update.
Consider the scenario where a new file system is created and populated
with some files. At a later time the original key is changed because
someone has gained access to the key and passphrase. A new key is
generated and attached, but none of the files are modified.
Furthermore, let's say the thief has access to the system and is able to
update the disk to use the previous key and then reattach/mount. Is it
then possible for the person that has the stolen credentials to mount the
drive and view the files? The man page does not detail how the metadata is
written.
With that said, if this is possible, what's the best way to update the
system? I suspect that moving the file is not enough, using vi in a script
is not very practical, and using cat may cause problems with some special
characters.
_______________________________________________
freebsd-security@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@xxxxxxxxxxx"
- Follow-Ups:
- Re: Vulnerability with compromised geli credentials?
- From: Eygene Ryabinkin
- Re: Vulnerability with compromised geli credentials?
- From: Robert Woolley
- Re: Vulnerability with compromised geli credentials?
- Prev by Date: Re: validity of php 5.2.1 vulnerability
- Next by Date: Re: Vulnerability with compromised geli credentials?
- Previous by thread: validity of php 5.2.1 vulnerability
- Next by thread: Re: Vulnerability with compromised geli credentials?
- Index(es):
Relevant Pages
|
|
