LinuxQuestions.org

LinuxQuestions.org (/questions/)
-   Linux - Security (https://www.linuxquestions.org/questions/linux-security-4/)
-   -   Can malware steal a password held in ram by a running process? (https://www.linuxquestions.org/questions/linux-security-4/can-malware-steal-a-password-held-in-ram-by-a-running-process-4175529812/)

dugan 01-06-2015 07:47 PM

Quote:

Originally Posted by Ulysses_ (Post 5296706)
If it's more than one container, with different keys each container, then the passphrase has to stay in ram or you type it over and over every time you open yet another container.

You want to work with 3 containers

Typing the password an average of 3 times doesn't seem like an excessive burden in the context of what you're trying to build.

Ulysses_ 01-06-2015 07:51 PM

But that is exposing the passphrase to keyloggers we said.

cepheus11 01-07-2015 04:19 AM

Quote:

Originally Posted by Ulysses_ (Post 5296706)
...with different keys each container, then the passphrase has to stay in ram or you type it over and over

Wrong: Keyfiles are an alternative to passphrases. Although they are named "key"files, they have nothing to do with the actual "key" but function exactly like passphrases. They are not in RAM the whole time, but are accessible through the local filesystem. If this is better or worse, your decision. If you run your browser with a different user account using

Code:

gksudo -u browseruser
you could protect the keyfiles from being read by the browser.

Both cryptsetup-luks and truecrypt can use keyfiles instead of passphrases or in addition to passphrases.

Ulysses_ 01-07-2015 06:18 AM

Good idea, running the browser with another user account so as to hide the keyfile from malware coming from the browser.

We can do even better than that it seems with SELinux, otherwise it would not have been invented.

cepheus11 01-07-2015 06:50 AM

Yes, SELINUX is probably even better if configured right. Though it needs more research to configure it right.


All times are GMT -5. The time now is 10:54 PM.