[openssl-users] Regarding the security of the keys

Mike Mohr akihana at gmail.com
Wed Jul 22 06:50:17 UTC 2015

On Tue, Jul 21, 2015 at 9:46 PM, Salz, Rich <rsalz at akamai.com> wrote:

> > Actually that isn't quite right.  A properly configured and
> tuned RBAC policy, when combined with PaX, can very effectively limit all
> userspace activity (including root access!).
> How do you know that the module is installed and actually doing things?
> How do you know what kernel is actually booted?

Of course you're right.  One might also consider attack vectors from an
unsecured BMC or the IME - they probably have undetectable DMA access to
the host, after all.  But that isn't the point ... steps can and should be
taken to lock down the host operating system.

> > It helps if you can also use a hardware security module to protect your
> key material.
> How do you know that the operations that YOU request are actually the ones
> being performed?  How do you know that the operating system isn't making
> additional requests of its own?
> You have to trust root.  No two ways about it.

The first question has no bearing on the second statement.  With or without
grsecurity/selinux, you have no way to guarantee that the kernel is
operating the way you expect it to at any given time.  I suppose it boils
down to the threat model.  However, limiting root's power is a good idea,
and grsecurity provides an excellent framework in which to do so.  Caveat

> _______________________________________________
> openssl-users mailing list
> To unsubscribe: https://mta.openssl.org/mailman/listinfo/openssl-users
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mta.openssl.org/pipermail/openssl-users/attachments/20150721/113ff07a/attachment.html>

More information about the openssl-users mailing list