Re: CVS commit: src/crypto/external/bsd/netpgp/dist

To: source-changes-d%NetBSD.org@localhost
Subject: Re: CVS commit: src/crypto/external/bsd/netpgp/dist
From: "Perry E. Metzger" <perry%piermont.com@localhost>
Date: Fri, 08 May 2009 13:18:38 -0400

"Alistair G. Crooks" <agc%netbsd.org@localhost> writes:

> Module Name:  src
> Committed By: agc
> Date:         Fri May  8 06:06:39 UTC 2009
>
> Modified Files:
>       src/crypto/external/bsd/netpgp/dist: TODO configure configure.ac
>       src/crypto/external/bsd/netpgp/dist/src/bin: netpgp.c
>       src/crypto/external/bsd/netpgp/dist/src/lib: config.h config.h.in
>           crypto.c misc.c netpgp.c openssl_crypto.c reader.c signature.c
>           signature.h version.h
>
> Log Message:
[...]
> + if setrlimit exists, set the core dump size to be 0
>   (with thanks to mrg for the reference implementation)
[...]

What's the threat model this is protecting against? Presumably, if a
user can execute the program, and the program can read his keys, the
uesr can already read his own keys, so having a core dump doesn't give
the user information he didn't already have.

Perry

Follow-Ups:
- Re: CVS commit: src/crypto/external/bsd/netpgp/dist
  - From: Alistair Crooks

Prev by Date: Re: CVS commit: src/crypto/external/bsd/netpgp/dist
Next by Date: Re: CVS commit: src/crypto/external/bsd/netpgp/dist
Previous by Thread: Re: CVS commit: src/sys/ufs/ufs
Next by Thread: Re: CVS commit: src/crypto/external/bsd/netpgp/dist
Indexes:

Home | Main Index | Thread Index | Old Index