Re: LD_PRELOAD attack

2008-06-11 Thread michael graffam
On Wed, Jun 11, 2008 at 3:56 PM, David Shaw <[EMAIL PROTECTED]> wrote:
> If the attacker had access to your machine to implement the LD_PRELOAD
> attack, there are literally dozens of ways they can similarly steal
> whatever data they are trying to steal. Why do a very complex attack
> involving

Re: LD_PRELOAD attack

2008-06-11 Thread michael graffam
Thing and check environment sanity.

-M

On 6/11/08, Robert J. Hansen <[EMAIL PROTECTED]> wrote:
> michael graffam wrote:
>> Has anyone read the article in the most recent 2600 regarding using
>> LD_PRELOAD to eavesdrop on gnupg?
>
> My reaction to it has been to yawn.

Re: LD_PRELOAD attack

2008-06-11 Thread michael graffam
cessfully hides itself from calls to getenv, and ignores attempts to unset env vars. Manually walking the environment pointer reveals it, of course.

On 6/11/08, Alexander W. Janssen <[EMAIL PROTECTED]> wrote:
> -BEGIN PGP SIGNED MESSAGE-
> Hash: SHA1
>
> michael graf

LD_PRELOAD attack

2008-06-11 Thread michael graffam
Has anyone read the article in the most recent 2600 regarding using LD_PRELOAD to eavesdrop on gnupg? I realize that the actual recovery of a passphrase by this means is no better than a keylogger -- But what concerns me more (and isn't explicitly covered in the article) is the ability to inject f