Re: GPG-signed RCS Keyword Exploit
From: Derek Price
Subject: Re: GPG-signed RCS Keyword Exploit
Date: Thu, 22 Sep 2005 15:35:41 -0400
User-agent: Mozilla Thunderbird 1.0.6 (Windows/20050716)

Jim Hyslop wrote:
> I have posted an analysis of the two means of handling the RCS keyword
> expansion exploit at
>
> http://ximbiot.com/cvs/wiki/index.php?title=Talk:GPG-Signed_Commits_RCS_Keyword_Exploit
>
>
> Comments are welcome.
>

I think you need an attack 1b: edit the revision metadata (what will be
subbed into keywords) directly in the RCS file. This is equivalent to
your attack 2 (replace the server software) from the point of view of
the client, except it is easier to target individual files in a
syntactically correct way.

Since 1b & 2 are so similar, perhaps 2 should be removed entirely and
old 1 & new 1b & old 2 should be grouped as 1a & 1b & 1c under a "1)
Compromised server" heading.

Good to note attack #3 as a reason why external verification tools could
be useful.

Finally, your Attack #1 (which I initially suggested renaming 1a) is
really a subset of the more general case of Mallory editing any revision
content directly. This is exactly what GPG-signatures were designed to
detect in the first place and your document simply reiterates that the
design works. I don't think this needs to be grouped under the "RCS
Keyword Exploit" heading. It isn't an exploit and certainly doesn't
require keywords to be in use for an attacker to try it. If you want to
analyze this attack in this context, perhaps start with it as a "working
example" of how signing and verification normally works before
discussing the keyword attack. Such a working example might be useful to
link to from the GPG-Signed Commits document too.

Regards,

Derek
--
Derek R. Price
CVS Solutions Architect
Ximbiot <http://ximbiot.com>
v: +1 717.579.6168
f: +1 717.234.3125
<mailto:derek@ximbiot.com>
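
An added illustration, not part of the message above and not CVS code: a toy model contrasting a direct edit of revision content with an edit of the metadata substituted into keywords (the "attack 1b" case). It assumes the signature covers the keyword-collapsed content and that the client collapses keywords before verifying; an HMAC stands in for a GPG signature, and every name and sample value is constructed.

```python
import hashlib
import hmac
import re

# Assumption: HMAC-SHA256 stands in for a GPG signature; the key is constructed.
COMMITTER_KEY = b"constructed-demo-key"
KEYWORD = re.compile(r"\$(Author|Revision)(?::\s*([^$\n]*?)\s*)?\$")


def sign(content: str) -> str:
    return hmac.new(COMMITTER_KEY, content.encode(), hashlib.sha256).hexdigest()


def collapse(text: str) -> str:
    """Reduce every keyword to its unexpanded form, e.g. $Author$."""
    return KEYWORD.sub(lambda m: f"${m.group(1)}$", text)


def expand(content: str, metadata: dict) -> str:
    """Checkout as served: keywords filled in from revision metadata."""
    return KEYWORD.sub(lambda m: f"${m.group(1)}: {metadata[m.group(1)]} $", content)


def verify(checked_out: str, signature: str) -> bool:
    """Assumed client check: collapse keywords, then verify the signature."""
    return hmac.compare_digest(sign(collapse(checked_out)), signature)


def keyword_values(checked_out: str) -> dict:
    return {m.group(1): m.group(2) for m in KEYWORD.finditer(checked_out)}


# Constructed sample revision: signed content plus server-held metadata.
STORED = "/* $Author$ $Revision$ */\nint main(void) { return 0; }\n"
METADATA = {"Author": "alice", "Revision": "1.4"}
SIGNATURE = sign(STORED)

def scenarios() -> dict:
    content_edit = expand(STORED.replace("return 0", "return 1"), METADATA)
    metadata_edit = expand(STORED, {**METADATA, "Author": "mallory"})
    return {
        "honest": verify(expand(STORED, METADATA), SIGNATURE),
        "content_edit": verify(content_edit, SIGNATURE),    # direct content edit
        "metadata_edit": verify(metadata_edit, SIGNATURE),  # metadata-only edit
        "shown_author": keyword_values(metadata_edit)["Author"],
    }

if __name__ == "__main__":
    print(scenarios())
```

Under these assumptions the content edit fails verification, while the metadata-only edit still verifies even though the working copy displays the altered author.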