flat assembler
Message board for the users of flat assembler.
Index
> Linux > linux security? Goto page 1, 2 Next |
Author |
|
rugxulo 19 Feb 2008, 03:01
It's probably a bug. Then again, I think Ubuntu targets home users, and as such, security (i.e not letting private data be in the swap file) is low on their priority list. Most home users don't go snooping around there anyways.
If you want, report it as a bug (and hope the bug doesn't require kernel recompile, upgrading X11, glibc, bash, gcc, etc.). |
|||
19 Feb 2008, 03:01 |
|
drhowarddrfine 19 Feb 2008, 03:04
I doubt it's a bug and I'm sure it has nothing to do with them targeting home users.
|
|||
19 Feb 2008, 03:04 |
|
pelaillo 19 Feb 2008, 13:18
Please remember that the swap partition is used just like RAM and you need local access to the hardware in order to be a security threat (just like RAM)
That said, it is disturbing that the password is to be stored in plain, anywhere. There's no need to do that and probably it is not just on ubuntu. I will consider it however a securuty issue and the kernel people might be interested. |
|||
19 Feb 2008, 13:18 |
|
f0dder 19 Feb 2008, 13:45
It probably means you have too little RAM in the machine
- it's easy enough to set up encrypted swap, btw, if you have an okay CPU. |
|||
19 Feb 2008, 13:45 |
|
drhowarddrfine 19 Feb 2008, 17:03
I still find it hard to believe they don't encrypt it first. If there has always been this issue, you'd hear screaming about it long ago.
|
|||
19 Feb 2008, 17:03 |
|
Octavio 19 Feb 2008, 20:49
f0dder wrote: It probably means you have too little RAM in the machine 512MB of ram,it would be easy to not use virtual memory with programs that manage passwords. The pasword is also in the filesystem (don't know yet in wich file). Also is curious that ext2fs on my machine is much more fragmented than fat32 filesystems (and i don't use defrag),and there are about 100000 files while a winxp installation only creates about 15000 files. To get the password it is needed to have acces to the computer,but once you get it .... how many more computers can be accessed with this same data? encription? are you sure encriptions keys are not on the hard disk too ? |
|||
19 Feb 2008, 20:49 |
|
f0dder 19 Feb 2008, 23:28
Octavio wrote: 512MB of ram,it would be easy to not use virtual memory with programs that manage passwords. Octavio wrote: The pasword is also in the filesystem (don't know yet in wich file). Octavio wrote: Also is curious that ext2fs on my machine is much more fragmented than Octavio wrote: encription? are you sure encriptions keys are not on the hard disk too ? |
|||
19 Feb 2008, 23:28 |
|
gunblade 19 Feb 2008, 23:33
I wouldn't complain to the ubuntu people about this, they will either not care/or wont be able to do anything about it.
Swap is just an extension of ram.. therefore private data will be stored there.. the fact that your password is being stored as plaintext will be the fault of one of the programs that you use. This depends on what you use (it could be your login, your messaging client, your web client.. who knows). If you really are worried about someone accessing your swap file, then don't use one.. would be the safest way to go. Encrypting your swap partition will not help, since while the machine is running, it would still be accessible, that would only help if someone grabbed your HD after your machine shut down. This will happen on any system you use.. depending on what programs you use. If even one program were to keep your password in plaintext, then your password will be in the ram and/or swap. As for the large amount of files on the system.. you have to be careful how you search.. /dev contains a large amount of "device files", which are not really files, they are more like... links to devices.. (bad terminology.. but basically they are 0 bytes big). Theres also /proc, which contains more "fake files" that contain information.. but its actually data gathered at runtime by the kernel.. so accessing one of those files is actually accessing some part of kernel ram so that you can find out say.. the temperature of your processor.. rather than accessing the HD. Another quick comment on the password thing.. I assume you found it by searching through the file for your password itself.. which makes it easy to find.. but imagine you did not know the password.. are you going to go and look through 512MB/1GB/etc.. of garbage data and try any and all ascii strings you find as a password? I mean, dont get me wrong.. programs shouldnt store password plain-text, and if you find out which program is storing your password in that way, then it may be wise not to use it anymore, or file a bug report with the program developers (not with the ubuntu developers.. they dont make the kernel, nor the programs.. they just package stuff that others make). |
|||
19 Feb 2008, 23:33 |
|
f0dder 19 Feb 2008, 23:43
gunblade: do keep in mind that on most systems, the entries in /dev do exist as filesystem entries, instead of being generated dynamically in RAM... so they do take up a slight bit of disk space, and (until filesystem cached) probably involve some disk access to look up major,minor node numbers. /proc is dynamic, though.
As for sifting through the swap partition, they're usually only a few gigs, and there's the gnu "strings" program, followed by sort+uniq... |
|||
19 Feb 2008, 23:43 |
|
Octavio 20 Feb 2008, 00:15
>If you really are worried about someone accessing your swap file, then >don't use one..
did not know linux can work without it, how can be disabled? >This will happen on any system you use.. depending on what programs >you use. If even one program were to keep your password in plaintext, IMHO this is a bad design,programs should not have acces to the password >As for the large amount of files on the system.. you have to be careful >how you search.. /dev contains a large amount of "device files", which I used OctaOS and my driver only supports normal files and directories (filetypes 0,1,2) don't know what to do with devices,links etc.. also noticed a lot of 0 bytes files from uninstalled programs >Another quick comment on the password thing.. I assume you found it >by searching through the file for your password itself.. which makes it >easy to find.. but imagine you did not know the password.. the user id is just before the password ,and unless you are alone when using your computer ,somebody else can view it. >are you going to go and look through 512MB/1GB/etc.. of garbage data >nd try any and all ascii strings you find as a password? i'm a linux newbie but perhaps some experts know how to search. well, i really don't care about security ,i just assume that nothing is secure. > the truth is that they're less prone to fragmentation than FAT i don't think so, is more a software problem, DOS was designed to use litle memory and simple algorithms ,while linux uses more memory and some strategies to keep fragmentation low. about file allocation ,ext2fs is not better than fat. |
|||
20 Feb 2008, 00:15 |
|
drhowarddrfine 20 Feb 2008, 02:38
I just briefly looked in my FreeBSD book and even there it says passwords are stored encrypted and Linux does too, so this doesn't make sense to me.
|
|||
20 Feb 2008, 02:38 |
|
f0dder 20 Feb 2008, 03:56
drhowarddrfine wrote: I just briefly looked in my FreeBSD book and even there it says passwords are stored encrypted and Linux does too, so this doesn't make sense to me. Encrypted (for old /etc/passwd , deprecated) passwords, salt-md5+hashed for shadow passwords... but that's only on disk, not in memory. _________________ - carpe noctem |
|||
20 Feb 2008, 03:56 |
|
drhowarddrfine 20 Feb 2008, 14:23
I thought he was talking about on disk. Still don't see why it would not be encrypted in memory, too. Like I said, if this is an issue, I'm sure someone would already be talking about it.
|
|||
20 Feb 2008, 14:23 |
|
revolution 20 Feb 2008, 14:28
drhowarddrfine wrote: Like I said, if this is an issue, I'm sure someone would already be talking about it. |
|||
20 Feb 2008, 14:28 |
|
Alphonso 20 Feb 2008, 15:24
I checked my Ubuntu 7.04 swap partition while on W2000 OS and did not find my password or user id there either as plain text ASCII or unicode.
|
|||
20 Feb 2008, 15:24 |
|
f0dder 20 Feb 2008, 16:00
Alphonso wrote: I checked my Ubuntu 7.04 swap partition while on W2000 OS and did not find my password or user id there either as plain text ASCII or unicode. You obviously need to have been in a low-memory situation for it to get paged out... _________________ - carpe noctem |
|||
20 Feb 2008, 16:00 |
|
Alphonso 20 Feb 2008, 16:58
f0dder wrote: You obviously need to have been in a low-memory situation for it to get paged out... Octavio, AFAIK you can use 'sudo swapoff -a' and 'sudo swapon -a' to turn off and on your swap, never tried it though. |
|||
20 Feb 2008, 16:58 |
|
daniel.lewis 21 Feb 2008, 06:22
Sounds right.
Both Windows and Linux passwords are extremely hack-able simply by virtue of their engineering being so well known; and because on modern processors, software cannot tell if the "warden" is looking. Humorously, Microsoft actually provides a scriptable API to automatically retrieve windows passwords. Go ahead and run that screensaver... : o I personally think that small, obscure OS's are more secure simply by virtue of hackers needing to learn an entirely new environment for only a small victim domain. |
|||
21 Feb 2008, 06:22 |
|
Octavio 21 Feb 2008, 10:07
I found my password on the file .bash_history wich stores all the commands you write on the terminal,the password is just after a sudo command so i suppose i write it accidentally without bein asked,sudo only
ask the password the first time but i wrote too fast But i'm not sure if this is the cause of the user id and password in the swap file.If you don't find it on yours computers then it is probably my mistake. |
|||
21 Feb 2008, 10:07 |
|
Goto page 1, 2 Next < Last Thread | Next Thread > |
Forum Rules:
|
Copyright © 1999-2024, Tomasz Grysztar. Also on GitHub, YouTube.
Website powered by rwasa.