wagner@iaoobelix.UUCP (04/12/87)
neeaters? I don't believe there are some... ]

A recent posting to comp.sources.unix by istvan@hhb presents a program called `mix', doing something comparable to `crypt'. Two of the options offered by this program may raise some security problems, I think. In particular, I am talking of the environment variable MIXKEY, and the default `security' key obtained from the effective user id.

People using commands like `ps -auxeww' (ugly, isn't it?) will get easy access to the value of this particular variable because it is shown for all subprocesses of the shell where you set it to your (no, not security) key.

Another problem might come from the default key. Istvan Mohos proposes in the man page supplied with the program, to use this mechanism to make life easier for people in the same project, accessing the same files, etc. But have you thought of wizards (and even non-wizards) grabbing the /etc/passwd file, extracting the uid of a user, feeding it into that function `fillm' (just after replacing the line `ck = getuid()' by `ck = atoi(argv[1])' or so), and thereby obtaining the most secret key to all files encrypted (or shall I say enmixed) by means of the default key.

Please, don't think I am strongly against that nice program `mix'. I am just feeling a bit insecure using the two methods discussed above. Of course, it is up to me to use them or not... Yet, I'd like to hear other people's opinion on that issue (maybe the above features are what some users were just waiting for in anticipation).

Juergen Wagner, (USENET) ...seismo!unido!iaoobel!wagner
("Gandalf") Fraunhofer Institute IAO, Stuttgart
...vanilla disclaimer
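
Added example, not part of the original post and not code from `mix': a shell check that lists which processes carry a variable such as MIXKEY in their environment, showing how an exported key spreads to every child of the shell. It assumes a Linux-style proc layout (<root>/<pid>/environ and <root>/<pid>/comm); the function names and the sample tree are constructed for illustration.

```shell
#!/bin/sh
# Added example: find processes whose environment defines a given variable.
# Assumption: Linux-style proc layout, where <root>/<pid>/environ holds
# NUL-separated NAME=value records and <root>/<pid>/comm the command name.

# has_env_var NAME FILE -> exit status 0 if FILE (environ format) defines NAME.
has_env_var() {
    tr '\0' '\n' < "$2" 2>/dev/null | grep "^$1=" > /dev/null
}

# find_env_holders NAME [ROOT] -> prints "pid command" for each match.
# Only the presence of the variable is reported, never its value.
find_env_holders() {
    name=$1
    root=${2:-/proc}
    for dir in "$root"/[0-9]*; do
        # Unreadable entries (other users' processes, vanished pids) are skipped.
        [ -r "$dir/environ" ] || continue
        if has_env_var "$name" "$dir/environ"; then
            pid=${dir##*/}
            comm=$(cat "$dir/comm" 2>/dev/null || echo '?')
            printf '%s %s\n' "$pid" "$comm"
        fi
    done
}

# make_sample_proc DIR -> builds a constructed proc-like tree for offline use:
# a login shell (101) that exported MIXKEY, an editor started from it (102)
# that inherited the variable, and an unrelated process (103).
make_sample_proc() {
    sample=$1
    mkdir -p "$sample/101" "$sample/102" "$sample/103"
    printf 'HOME=/u/demo\0MIXKEY=constructed-sample\0TERM=vt100\0' \
        > "$sample/101/environ"
    echo csh > "$sample/101/comm"
    printf 'HOME=/u/demo\0MIXKEY=constructed-sample\0' > "$sample/102/environ"
    echo vi > "$sample/102/comm"
    printf 'HOME=/u/other\0NOTMIXKEY=x\0' > "$sample/103/environ"
    echo sh > "$sample/103/comm"
}

# Usage on a live system: find_env_holders MIXKEY
# Usage on the sample:    make_sample_proc /tmp/p && find_env_holders MIXKEY /tmp/p
```

Run against the sample tree, both the shell and the editor it started are reported, which is the inheritance the post describes.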