[OTR-dev] private messages on dbus
Howard Chu
hyc at symas.com
Mon Feb 27 18:09:59 EST 2012
Dimitris Glynos wrote:
> On 02/28/2012 12:43 AM, Paul Wouters wrote:
>> I am still a bit confused how serious this issue really is. If you can
>> read as the uid of the user, you can already read the OTR keys from
>> disk. Now PFS will prevent decrypting, but whether you listen in on dbus
>> or the X11 channels doesnt really matter much. So I see value in
>> protecting the pidgin process from reading OTR materials outside
>> pidgin-otr, and hardening pidgin against network input, I see less value
>> into closing the dbus from the user for themselves.
>
> Paul the real problem here is broadcasting sensitive info
> over DBUS. If the sender chooses not to log this info
> so that they don't end up on the disk, there is no way
> for pidgin to enforce the same security policy to the
> 3rd party (possibly unrelated) apps that sit on the
> other end of DBUS. Such an app might accidentally log these
> messages because it cannot qualify that they were meant to be
> private.
That sounds like a bug in the 3rd party code then, since pidgin marks its
messages with PURPLE_MESSAGE_NO_LOG if they should not be logged, and the otr
plugin will turn off conversation logging if the user chooses that.
--
-- Howard Chu
CTO, Symas Corp. http://www.symas.com
Director, Highland Sun http://highlandsun.com/hyc/
Chief Architect, OpenLDAP http://www.openldap.org/project/
More information about the Devel
mailing list