[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]

Re: gdm Create User

From: Lubomir Kundrak <lkundrak redhat com>
To: Steve Grubb <sgrubb redhat com>
Cc: fedora-devel-list redhat com
Subject: Re: gdm Create User
Date: Sun, 07 Oct 2007 17:33:45 +0200

On Sun, 2007-10-07 at 10:00 -0400, Steve Grubb wrote:
> On Sunday 07 October 2007 08:26:51 Lubomir Kundrak wrote:
> > > Leaking the information that a user exists or not is considered bad.
> >
> > Though I do not think that gdm is the right place to create user
> > accounts, I disagree with this statement.
> >
> > Knowing that an user exists or not is in principle about the same
> > dangerous as knowing whether a machine is up or not.
> 
> Remember all the times that login programs or pam have been updated to fix 
> timing attacks that sometimes reveal whether an account is valid? Let me show 
> you one to refresh your memory (there are more):
> 
> http://marc.info/?l=bugtraq&m=105172058404810&w=2
> 
> A successful account breach requires 3 things: a machine name, a valid 
> account, and the password. Letting people know that an account is valid cuts 
> the attack down to a dictionary attack.

So what about trying to hide the machine name? This is plain nonsense.
Time that was spent avoiding timing `attacks' was wasted. The _password_
is meant to be a key that is to be hidden, not the account name. If
anything, dictionary attacks can be done against the username-password
pair also.

-- 
Lubomir Kundrak (Red Hat Security Response Team)

Follow-Ups:
- Re: gdm Create User
  - From: Nicolas Mailhot
- Re: gdm Create User
  - From: Steve Grubb
- Re: gdm Create User
  - From: Alan Cox

References:
- gdm Create User
  - From: Richi Plana
- Re: gdm Create User
  - From: Simo Sorce
- Re: gdm Create User
  - From: Lubomir Kundrak
- Re: gdm Create User
  - From: Steve Grubb

[Date Prev][Date Next] [Thread Prev][Thread Next] [Thread Index] [Date Index] [Author Index]