Re: [hackers] [slock] [PATCH] simplify fix for CVE-2016-6866

From: Markus Teich <markus.teich_AT_stusta.mhn.de>
Date: Wed, 31 Aug 2016 22:05:35 +0200

FRIGN wrote:
> are you sure we are not hitting any TOCTTOU problems here?

Heyho,

I'm pretty sure this won't be a regression. According to the crypt(3) manpage
there are just three possible errors:

        EINVAL salt has the wrong format.

This is the important one. We want to check if the pws string returned by
getpw() is usable. That can be done in advance since the validity of pws does
not change. The problem of the CVE was that a pws string with a wrong format was
passed to crypt which led to this error. Now with the new patch we can check if
the pws string is correct without using a heuristic like `strlen(pws) > 2`.
Therefore I think it is an improvement and spares us from adapting the heuristic
if the internals of this password hash change.

        ENOSYS The crypt() function was not implemented, probably because of U.S.A.
        export restrictions.

        EPERM /proc/sys/crypto/fips_enabled has a nonzero value, and an attempt was
        made to use a weak encryption type, such as DES.

Those two errors are also independent of the time crypt() is called, in my
understanding. In the previous version we would only catch them when the screen
is already locked and leave the user unable to unlock it again.

--Markus