|
#1
March 31st, 2003, 02:57 PM
| ||||
| ||||
| [FAQ] - PGP 8.0 Keychain vulnerability on Mac OS X http://www.pgp.com/products/macintosh/ This applies to PGP 8.0 for Mac OS X 10.2.x; perhaps this issue will be resolved in future relases (I've brought it to the attention of PGP staff) but for the moment, you should verify this yourself. The default installation of PGP 8.0 will make the following folder with the following properties to store your keychains (public and private): drwxr-xr-x ~/Documents/PGP/ As you can see, this is terribly dangerous. Any FTP or shell account user who is improperly chroot()ed will have complete access to your private keychain, and can read or replace it at will. To solve this issue: Code: [amras:~]% cd ~/Documents [amras:~/Documents]% mv PGP ~/Library/ [amras:~/Documents]% cd ~/Library [amras:~/Library]% chmod og-rx PGP [amras:~/Library]% ls -la | grep PGP drwx------ 5 amras staff 170 Mar 29 16:49 PGP [amras:~/Library]% chmod og-rx PGP/* [amras:~/Library]% ls -la PGP -rw------- 1 amras staff 1306 Mar 29 16:52 PGP Private Keyring.skr -rw------- 1 amras staff 1178 Mar 29 16:52 PGP Public Keyring.pkr Of course the most secure way to store your keychain is to move them to removeable media (like a flash drive or a CD-R), and keep the media in a safe. 
__________________ michaelsanford.com Blog Twitter Tumblr LinkedIn iMac Aluminum 24" | MacOS X 10.5-current | 3.06 GHz Intel Core Duo | 4 GB RAM | 1 TB HDD iBook G4 1.42 GHz | MacOS X 10.5-current | 1 GB RAM, 100 GB HDD AMD Athlon64 3500+ | Slackware 12 (2.6.21.5-smp) | 2 GB RAM, 2120 GB RAID 1, 2500 GB RAID 0  |
|
#2
March 31st, 2003, 08:45 PM
| ||||
| ||||
| I've been in contact with PGP and they say they have no plans to modify the installer to set more secure privileges.
__________________ michaelsanford.com Blog Twitter Tumblr LinkedIn iMac Aluminum 24" | MacOS X 10.5-current | 3.06 GHz Intel Core Duo | 4 GB RAM | 1 TB HDD iBook G4 1.42 GHz | MacOS X 10.5-current | 1 GB RAM, 100 GB HDD AMD Athlon64 3500+ | Slackware 12 (2.6.21.5-smp) | 2 GB RAM, 2120 GB RAID 1, 2500 GB RAID 0 |
 |
| Thread Tools | |
|
|
Similar Threads | ||||
| Thread | Thread Starter | Forum | Replies | Last Post |
| A bit of nostalgia: A Salute to Mac OS X | simX | Apple News, Rumors & Discussion | 31 | March 24th, 2005 06:45 AM |
| HP Photosmart 1315 and USB Print Sharing | zwheeloc | Mac Classic System & Software | 12 | February 6th, 2003 08:20 PM |
| apps list | Mac Osxtopus | Mac OS X System & Mac Software | 7 | May 29th, 2002 11:31 AM |
| Apple: Forget XP, try the Mac | tagliatelle | Bob's Place | 1 | November 25th, 2001 06:12 AM |
| Netscape 6.1 Profile Transfer from Mac OS 9.2.1 to Mac OS X | chemistry_geek | Apple News, Rumors & Discussion | 0 | October 12th, 2001 05:42 PM |
All times are GMT -5. The time now is 07:11 PM.
