[Pkg-silc-devel] maybe not ready for upload yet

Daniel Kahn Gillmor dkg at fifthhorseman.net
Mon Jun 18 09:22:56 UTC 2007 

On Sun 2007-06-17 17:33:05 -0400, Jérémy Bobbio wrote:

> On Sun, Jun 17, 2007 at 05:47:35PM +0100, Micah Anderson wrote:
>> > Unfortunately, the key itself is saved in a world-readable form:
>> > [...]
>>
>> Odd, this doesn't happen for me. I removed my .irssi directory and
>> then started it again and loaded silc plugin and created a new
>> passphrase, and my directory now looks like this:
>> 
>> [1] micah at lillypad> ls -al .irssi 
>> [...]
>> -rw-------   1 micah micah 1297 2007-06-17 17:44 private_key.prv
>
> Here is the output of my irssi run:
>
> --- 8< ---
> [(status)] /load silcRunning SILC for the first time
> Private key passphrase:
> Retype private key passphrase: Public key has been saved into
> `/home/lunar/.irssi/public_key.pub'.
> Private key has been saved into `/home/lunar/.irssi/private_key.prv'.
> Press <Enter> to continue...
> Wrong permissions in your private key file
> `/home/lunar/.irssi/private_key.prv'!
> Trying to change them ... Done.
> --- >8 ---
>
> And indeed, the private_key.prv has 0600 mode.

ah, interesting.  mine are showing the same now.  I can reproduce the
behavior, but only if i ls ~/.irssi before i "Press <Enter> to
continue..."

So it's a brief window of time that it's world-readable (while waiting
on the user to press the enter key). This is a security hole, but
probably not a huge one.  However, given that silc is supposed to be
all about security, it seems like a mistake to me.

I'm more concerned about the usability issues of prompting a user for
a password without explaining what the password is for.


> The silc plugin still segfaults every now and then, but I don't see a
> real problem in uploading the current version in unstable and working
> with upstream to work out as much issues as we could (and track them
> using Debian BTS).

i just tried this with a new (throwaway) user account.  and the
segfault is definitely repeatable for me (even with the correct
password for sure).  Maybe it's due to my using a mixed lenny/sid
system, though, or to the weird build errors i got. i'll try it again
in a clean chroot soon.

Thanks for all the work on this!

       --dkg
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 826 bytes
Desc: not available
Url : http://lists.alioth.debian.org/pipermail/pkg-silc-devel/attachments/20070618/16483acf/attachment.pgp

More information about the Pkg-silc-devel mailing list