Re: Developer security questions.

[Goswin Brederlow <goswin.brederlow@student.uni-tuebingen.de>]

Julian Gilbey <J.D.Gilbey@qmw.ac.uk> writes:

> >  I have some questions regarding security.
> > 
> >  Is it possible for someone, if they gained root on my workstation, to 
> >  make a copy of my .pgp/ and .ssh/ directories, then use those from
> >  anywhere on the net to log into master.debian.org, or sign a package
> >  or email?
> > 
> >  I don't think this happened...  but wonder if it could.
> > 
> >  What should I know about this?

> But worse: a root exploit could allow the intruder to replace your PGP
> binary with a trojan version which could do any number of nasty
> things.  To detect this, you want something such as tripwire.
> 
> As far as ssh goes, if your ssh identity is stored as an authorized
> key on master, then it will be usable, otherwise, they'll still need a
> password.
> 
> Basically, if a seriously-minded cracker performs a root exploit on
> your machine, then you have a large number of serious problems.  But
> you can reduce the PGP one by the above method. ;)

If one gains root, he can replace pgp and ssh to send the used
password via mail the next time you are online. He can also replace
thr tripwire exec to not report ther differences.

The only secure way is to disconect the comp from the net and reboot
from a removeable medium, best would be a CDrom. Using any binary from 
the system that was connected would make everything insecure.

Best is to have two comps and don't connect them, but who wants to do
that.

May the Source be with you.
			Goswin