[pkg-gnupg-maint] Bug#878952: scdaemon: avoid ptrace on scdaemon?
Daniel Kahn Gillmor
dkg at fifthhorseman.net
Wed Oct 18 00:07:16 UTC 2017
Package: scdaemon
Version: 2.2.1-2
Severity: normal
Debian currently ships with
debian/patches/block-ptrace-on-agent/Avoid-simple-memory-dumps-via-ptrace.patch,
which blocks a simple attack where any process running as the same
user can trace its system calls and memory. This isn't bulletproof,
but it raises the bar against a casual attacker.
However, we're not shipping the same protection for scdeamon.
This means, for example, that a process running as the same user could
attach strace to scdaemon and snoop PINs or traffic sent to and from
the smartcard.
Should we add a similar "prctl(PR_SET_DUMPABLE, 0)" to scdaemon as
well?
--dkg
-- System Information:
Debian Release: buster/sid
APT prefers testing-debug
APT policy: (500, 'testing-debug'), (500, 'testing'), (500, 'oldstable'), (200, 'unstable-debug'), (200, 'unstable'), (1, 'experimental-debug'), (1, 'experimental')
Architecture: amd64 (x86_64)
Foreign Architectures: i386
Kernel: Linux 4.13.0-1-amd64 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8), LANGUAGE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Versions of packages scdaemon depends on:
ii gpg-agent 2.2.1-2
ii libassuan0 2.4.3-3
ii libc6 2.24-17
ii libgcrypt20 1.7.9-1
ii libgpg-error0 1.27-3
ii libksba8 1.3.5-2
ii libnpth0 1.5-2
ii libusb-1.0-0 2:1.0.21-2
scdaemon recommends no packages.
scdaemon suggests no packages.
-- no debconf information
More information about the pkg-gnupg-maint
mailing list