hal 0.5.1 "Sonny...?"

W. Michael Petullo mike at flyn.org
Thu Apr 28 14:39:39 PDT 2005 

>>>  - Provide method invocations on hal device objects as requested by the
>>>    luks/hal/gnome-volume-manager and gnome-power-manager projects
>> [...]
>> 
>> This is good for the LUKS work.  I do have one question, something that
>> was discussed a while back on this list.  How, for example, will
>> gnome-volume-manager provide a passphrase to HAL through this method
>> invocation interface?  More specifically, what IPC method will be used?  I
>> remember discussing setting method parameters in an environment variable. 
>> This, however, is not necessarily safe for secrets like passphrases.  Will
>> a method script be able to read its parameter from stdin?
>> 
>> See also:
>> http://lists.freedesktop.org/archives/hal/2004-December/001486.html.
>> 
>> I just want to make sure that this is considered as the specification
>> moves from the TODO file into something more formal.
> 
> Yeah, this is sort of a sticky point. Ideally, I'd just like to pass it
> in the environment as it's then easy to process from shell scripts.
> Reading things from stdin seems a bit difficult and somewhat fragile.
> 
> AFAIK this isn't a problem on Linux 2.6 based operating systems, only
> ancient UNIX variants, yes? For interesting operating systems (remember,
> hal only runs on Linux 2.6 presently but I suppose e.g. recent versions
> Solaris, FreeBSD, Darwin is interesting too, dunno), is it safe to just
> pass it in the environment?

I don't think this is a wise assumption to make.  If we go this route,
HAL/LUKS would need to come with a disclaimer about porting the system
to other OSes.  My opinion is that there are IPC mechanisms for moving
secret things around and environment variables are not one of them.
I've read too many variations of the pppd password compromise by ps
attack.

I think a little care now may save embarrassment in the future.  I would
be very interested to hear what other people think.  I am by no means
the authoritative expert on this stuff.

-- 
Mike

:wq
_______________________________________________
hal mailing list
hal at lists.freedesktop.org
http://lists.freedesktop.org/mailman/listinfo/hal

More information about the Hal mailing list