On Fri, Feb 23, 2007 at 06:10:32PM +0000, openssh@p23q.org wrote:
> during my seminar of advanced exploitation techniques (SEAT, [1]) i
> developed some methods to crack into system via DMA (e.g. via firewire).
> as part of this i developed a program that steals loaded ssh private
> keys from ssh-agents. i was astonished to find that the keys are not
> immediately removed from the agent when a timeout occurs, but only the
> next time the agent is queried via its socket. i have written a
> __rough__ patch that should fix the problem (a timer checks every 10
> seconds). please take a look at it and, if you like it, incorporate it.
Overloading the sigalrm handler seems unnecessarily complex when select(2)
has a perfectly good timeout parameter :-)
--
Darren Tucker (dtucker at zip.com.au)
GPG key 8FF4FA69 / D9A3 86E9 7EEE AF4B B2D4 37C9 C982 80C7 8FF4 FA69
Good judgement comes with experience. Unfortunately, the experience
usually comes from bad judgement.
openssh-agent-immediate_expire.patch
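To make Darren's point concrete: the agent's event loop already blocks in select(2), so the wait can simply be bounded by the time until the earliest key deadline, and every wakeup (timeout or client) runs the reaper. The following is an added example that is not the attached patch and not OpenSSH's own code; the `struct identity` table, `reaper`, `next_timeout` and `agent_loop_once` are hypothetical simplifications of ssh-agent's state, and the key material is a constructed placeholder. It also wipes expired material through a volatile pointer so the compiler cannot drop the store.

```c
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <time.h>
#include <unistd.h>
#include <sys/select.h>
#include <sys/time.h>

#define MAX_IDS 8

/* Hypothetical, simplified identity record standing in for ssh-agent's
 * per-key state; this is not OpenSSH's own structure. */
struct identity {
    char comment[64];
    unsigned char secret[32];   /* placeholder for private key material */
    time_t death;               /* absolute expiry time; 0 = never expires */
    int present;
};

static struct identity ids[MAX_IDS];

/* Overwrite key material via a volatile pointer so the wipe is not
 * optimised away as a dead store. */
static void secure_wipe(void *p, size_t n)
{
    volatile unsigned char *v = (volatile unsigned char *)p;
    while (n--)
        *v++ = 0;
}

void reset_identities(void)
{
    size_t i;
    for (i = 0; i < MAX_IDS; i++) {
        secure_wipe(ids[i].secret, sizeof ids[i].secret);
        ids[i].present = 0;
    }
}

/* Load a key with an optional lifetime in seconds (0 = never expire).
 * Returns the slot index, or -1 if the agent is full. */
int add_identity(const char *comment, const unsigned char *secret,
                 time_t now, unsigned lifetime)
{
    size_t i;
    for (i = 0; i < MAX_IDS; i++) {
        if (ids[i].present)
            continue;
        snprintf(ids[i].comment, sizeof ids[i].comment, "%s", comment);
        memcpy(ids[i].secret, secret, sizeof ids[i].secret);
        ids[i].death = lifetime ? now + (time_t)lifetime : 0;
        ids[i].present = 1;
        return (int)i;
    }
    return -1;
}

/* Remove every key whose deadline has passed and wipe its material.
 * Returns the number of keys removed. */
int reaper(time_t now)
{
    size_t i;
    int removed = 0;
    for (i = 0; i < MAX_IDS; i++) {
        if (!ids[i].present || ids[i].death == 0 || ids[i].death > now)
            continue;
        secure_wipe(ids[i].secret, sizeof ids[i].secret);
        ids[i].present = 0;
        removed++;
    }
    return removed;
}

int count_present(void)
{
    size_t i;
    int n = 0;
    for (i = 0; i < MAX_IDS; i++)
        n += ids[i].present;
    return n;
}

/* Fill *tv with the time until the earliest expiry. Returns 1 if some key
 * expires (tv is valid), 0 if select() may block indefinitely. */
int next_timeout(time_t now, struct timeval *tv)
{
    size_t i;
    time_t earliest = 0;
    for (i = 0; i < MAX_IDS; i++) {
        if (!ids[i].present || ids[i].death == 0)
            continue;
        if (earliest == 0 || ids[i].death < earliest)
            earliest = ids[i].death;
    }
    if (earliest == 0)
        return 0;
    tv->tv_sec = earliest > now ? earliest - now : 0;
    tv->tv_usec = 0;
    return 1;
}

/* One pass of the event loop: wait for a client on listen_fd, but never
 * longer than the next key deadline, then reap. Returns 1 if a client is
 * ready, 0 on timeout, -1 on select() error. */
int agent_loop_once(int listen_fd)
{
    fd_set rfds;
    struct timeval tv;
    struct timeval *tvp = next_timeout(time(NULL), &tv) ? &tv : NULL;
    int r;

    FD_ZERO(&rfds);
    FD_SET(listen_fd, &rfds);
    r = select(listen_fd + 1, &rfds, NULL, NULL, tvp);
    /* Reap on every wakeup so an expired key never waits for the next
     * client request before it is destroyed. */
    reaper(time(NULL));
    if (r < 0)
        return -1;
    return (r > 0 && FD_ISSET(listen_fd, &rfds)) ? 1 : 0;
}

int main(void)
{
    int fds[2];
    unsigned char fake_key[32] = {0};   /* constructed stand-in, not a real key */
    if (pipe(fds) != 0)                 /* idle pipe plays the agent socket */
        return 1;
    add_identity("demo key (constructed)", fake_key, time(NULL), 2);
    while (count_present() > 0) {
        agent_loop_once(fds[0]);
        printf("keys loaded: %d\n", count_present());
    }
    return 0;
}
```

Run stand-alone, the demo loads one two-second key, blocks in select(2) on an idle pipe, and reports zero keys once the deadline passes with no client having connected. The design choice is that the deadline drives the wait rather than a fixed polling interval, so expiry is exact rather than "within the next 10 seconds", and no signal handler has to coordinate with the main loop.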
_______________________________________________
openssh-unix-dev mailing list
openssh-unix-dev@mindrot.org
http://lists.mindrot.org/mailman/listinfo/openssh-unix-dev