[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: NYT on Netscape Crack



> 	The server process itself still needs access to that file
> though in order to verify passwords, so it can't be totally
> protected-- a bug in the server might reveal the password file. A
> relatively minor point..

Actually, it could communicate with a differently-privileged process.
The security gain probably isn't worth the performance hit, though.

(A possible secure channel: Give the password manager a uid of its own.
Have it listen on a unix-domain socket.  The server process opens the
socket, then fstat()s it to make sure it's really owned by the password
manager.)
-- 
Shields.