
devel - Re: [sympa-developpers] [sympa-commits] sympa[11189] trunk/src/lib/Sympa/Message.pm: [dev] simplification: no need to use a fifo, a simple temporary file with strict permission is enough

Subject: Developers of Sympa

  • From: IKEDA Soji <address@concealed>
  • To: address@concealed
  • Subject: Re: [sympa-developpers] [sympa-commits] sympa[11189] trunk/src/lib/Sympa/Message.pm: [dev] simplification: no need to use a fifo, a simple temporary file with strict permission is enough
  • Date: Tue, 22 Jul 2014 16:59:54 +0900

Guillaume,

On Tue, 22 Jul 2014 09:28:02 +0200
Guillaume Rousse <address@concealed> wrote:

> On 22/07/2014 03:58, IKEDA Soji wrote:
> > Hi,
> >
> > I prefer on-memory processing. I suppose secure information such
> > as private keys would not be unnecessarily written into storage if
> > at all possible --- even if they are removed soon, random blocks of
> > disk will keep information --- let alone passphrases.
> If you're able to access the content of a file owned by Sympa uid, with
> owner-only read permission, you may as well read sympa configuration
> file directly, where this password is also available. So why bother with
> a FIFO here?

For example, imagine a user replaced her Sympa server and wants to
dispose of the older machine, including its disks.

Passphrases are stored on a specific volume as config parameters.
So this volume should be paid special attention. However, if
passphrases had repeatedly been saved to other volumes, those should
be treated as carefully as the former should be.

A FIFO (I don't stick to this method, though) does not store
passed information to any perpetual storage. I suppose that is why
openssl supports FIFOs.

Regards,

--- Soji

--
Conversion Co., Ltd., Security & OSS Solutions Department, IKEDA Soji
Helios Kannai Bldg. 7F, 3-21-2 Motohama-cho, Naka-ku, Yokohama, Kanagawa 231-0004, Japan
e-mail address@concealed TEL 045-640-3550
http://www.conversion.co.jp/
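
The FIFO hand-off discussed in this thread, as an added shell example that is not code from Sympa or from either poster. The function name `with_secret_fifo` is hypothetical; the consumer is any command that reads a pass phrase from a path, as openssl does with `-passin file:PATH`.

```shell
# with_secret_fifo SECRET CMD [ARGS...]
# Runs CMD with the path of a private named pipe appended as its last argument.
# The secret travels through the kernel pipe buffer only; the directory entry
# for the FIFO is the sole thing created on the filesystem.
# printf is a shell builtin, so the secret does not appear in a process list.
with_secret_fifo() {
    secret=$1; shift
    dir=$(mktemp -d) || return 1            # mktemp -d creates the directory with mode 0700
    fifo="$dir/pass"
    ( umask 077; mkfifo "$fifo" ) || { rm -rf "$dir"; return 1; }

    # The writer blocks in open() until the consumer opens the FIFO for reading.
    printf '%s\n' "$secret" > "$fifo" &
    writer=$!

    status=0
    "$@" "$fifo" || status=$?

    # If the consumer never opened the FIFO the writer is still blocked:
    # stop it so that wait cannot hang, then remove the pipe.
    kill "$writer" 2>/dev/null || true
    wait "$writer" 2>/dev/null || true
    rm -rf "$dir"
    return "$status"
}
```
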


