[openssl-users] Regarding the security of the keys
Mike Mohr
akihana at gmail.com
Wed Jul 22 06:50:17 UTC 2015
On Tue, Jul 21, 2015 at 9:46 PM, Salz, Rich <rsalz at akamai.com> wrote:
>
> > Actually that isn't quite right. A properly configured and
> tuned RBAC policy, when combined with PaX, can very effectively limit all
> userspace activity (including root access!).
>
> How do you know that the module is installed and actually doing things?
> How do you know what kernel is actually booted?
>
Of course you're right. One might also consider attack vectors from an
unsecured BMC or the IME - they probably have undetectable DMA access to
the host, after all. But that isn't the point ... steps can and should be
taken to lock down the host operating system.
>
> > It helps if you can also use a hardware security module to protect your
> key material.
>
> How do you know that the operations that YOU request are actually the ones
> being performed? How do you know that the operating system isn't making
> additional requests of its own?
>
> You have to trust root. No two ways about it.
>
The first question has no bearing on the second statement. With or without
grsecurity/selinux, you have no way to guarantee that the kernel is
operating the way you expect it to at any given time. I suppose it boils
down to the threat model. However, limiting root's power is a good idea,
and grsecurity provides an excellent framework in which to do so. Caveat
emptor.
>
> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150721/113ff07a/attachment.html>
More information about the openssl-users
mailing list