Re: gdm Create User
- From: Lubomir Kundrak <lkundrak redhat com>
- To: Steve Grubb <sgrubb redhat com>
- Cc: fedora-devel-list redhat com
- Subject: Re: gdm Create User
- Date: Sun, 07 Oct 2007 17:33:45 +0200
On Sun, 2007-10-07 at 10:00 -0400, Steve Grubb wrote:
> On Sunday 07 October 2007 08:26:51 Lubomir Kundrak wrote:
> > > Leaking the information that a user exists or not is considered bad.
> >
> > Though I do not think that gdm is the right place to create user
> > accounts, I disagree with this statement.
> >
> > Knowing that a user exists or not is in principle about as dangerous
> > as knowing whether a machine is up or not.
>
> Remember all the times that login programs or pam have been updated to fix
> timing attacks that sometimes reveal whether an account is valid? Let me show
> you one to refresh your memory (there are more):
>
> http://marc.info/?l=bugtraq&m=105172058404810&w=2
>
> A successful account breach requires 3 things: a machine name, a valid
> account, and the password. Letting people know that an account is valid cuts
> the attack down to a dictionary attack.
So what about trying to hide the machine name? This is plain nonsense.
Time that was spent avoiding timing `attacks' was wasted. The _password_
is meant to be a key that is to be hidden, not the account name. If
anything, dictionary attacks can be done against the username-password
pair also.
--
Lubomir Kundrak (Red Hat Security Response Team)
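Added illustration, not part of this email thread or of gdm or pam: a constructed Python example of the kind of timing leak Steve refers to above. A naive authentication routine short-circuits when the account does not exist, so both its error message and its response time tell the caller whether a username is valid; the hardened version beside it does the same PBKDF2 work against a dummy record and returns the same failure message either way. The account data, the dummy record, the iteration count and the helper names are all assumptions made for the example.

```python
import hashlib
import hmac
import os
import statistics
import time

# Constructed example data: one known account, PBKDF2-SHA256 with an
# iteration count chosen so the hashing step dominates the call time.
ITERATIONS = 50_000


def hash_password(password: str, salt: bytes) -> bytes:
    return hashlib.pbkdf2_hmac("sha256", password.encode(), salt, ITERATIONS)


def make_record(password: str) -> tuple:
    salt = os.urandom(16)
    return salt, hash_password(password, salt)


USERS = {"alice": make_record("correct horse battery staple")}

# A throwaway credential that is never accepted; its only purpose is to give
# the unknown-user path the same PBKDF2 cost as the known-user path.
DUMMY_SALT, DUMMY_HASH = make_record(os.urandom(16).hex())


def login_leaky(username: str, password: str) -> tuple:
    """Naive version: returns early with a distinct message when the
    account does not exist, so both the message and the response time
    reveal whether the username is valid."""
    if username not in USERS:
        return False, "no such user"
    salt, stored = USERS[username]
    if hmac.compare_digest(hash_password(password, salt), stored):
        return True, "ok"
    return False, "bad password"


def login_uniform(username: str, password: str) -> tuple:
    """Hardened version: always runs the password hash (against the dummy
    record if the user is unknown) and always returns the same failure
    message, so neither path shows whether the account exists."""
    salt, stored = USERS.get(username, (DUMMY_SALT, DUMMY_HASH))
    matched = hmac.compare_digest(hash_password(password, salt), stored)
    # The membership test is folded in after the hash work, never before it,
    # so a guess that happens to match the dummy record is still rejected.
    ok = matched and username in USERS
    return ok, "ok" if ok else "login failed"


def median_seconds(fn, *args, repeats: int = 5) -> float:
    samples = []
    for _ in range(repeats):
        start = time.perf_counter()
        fn(*args)
        samples.append(time.perf_counter() - start)
    return statistics.median(samples)


def timing_ratio(fn) -> float:
    """Median time of an unknown-user attempt divided by that of a
    known-user wrong-password attempt. Near 1.0 means the two paths are
    not distinguishable by timing; far below 1.0 means the unknown-user
    path is visibly cheaper."""
    unknown = median_seconds(fn, "bob", "wrong password")
    known = median_seconds(fn, "alice", "wrong password")
    return unknown / known


if __name__ == "__main__":
    for fn in (login_leaky, login_uniform):
        print(fn.__name__, "unknown user ->", fn("bob", "x")[1],
              "| wrong password ->", fn("alice", "x")[1],
              "| timing ratio %.3f" % timing_ratio(fn))
```

Running the block prints, for each routine, the message returned for an unknown account and for a wrong password, followed by the timing ratio between the two cases; the leaky routine shows a ratio close to zero, the uniform one a ratio close to one. The message difference is the cheap leak, the timing difference is the one the bugtraq advisory Steve cites is about, and the fix for both is the same: decide nothing about the account before the expensive work has been done.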