[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
[OATH-Toolkit-help] Bug#807992: Bug#807992: per user oath files
From: |
Antoine Beaupré |
Subject: |
[OATH-Toolkit-help] Bug#807992: Bug#807992: per user oath files |
Date: |
Wed, 16 Dec 2015 08:44:18 -0500 |
User-agent: |
Notmuch/0.18.2 (http://notmuchmail.org) Emacs/24.4.1 (x86_64-pc-linux-gnu) |
On 2015-12-16 06:21:01, Ilkka Virta wrote:
> A problem with doing that, is that anything that runs with the user's
> permissions could trivially read the secret key from the user's home
> directory. With SSH keys it's not a problem, since they are _public_
> keys. Plus, a user could do something stupid, like resetting the OTP
> counter on every login, so they wouldn't need to use a pesky changing
> password, but instead use the same one always...
>
> I think some unix-like systems have per-user password files under /etc,
> so that they don't need setuid-root helpers to access them, but there
> still is some program to sanity check the password the user tries to
> set. (a setgid helper plus some trickery with file and directory
> permissions.) Doing something like that would simplify the backend, but
> of course you'd still need a helper application to access the files.
Right, you are right of course. I do think it's critical to keep that
file from being readable from random apps. The format *is* also a little
brittle so it seems important to have standardized access as well...
Maybe having a system similar to shadow passwords would be necessary
here: there could be a secret file that can only be read by root (or
with the right caps) and would need a special tool (oath.passwd?) to
reset.
so harder than i thought...
a.
--
Si l'image donne l'illusion de savoir
C'est que l'adage pretend que pour croire,
L'important ne serait que de voir
- Lofofora