16 February 2008

password wallet update

Yesterday I discovered an interesting (and somewhat alarming) problem with my password wallet.

I use vim for my text editor (I have export VISUAL="/usr/bin/vim" in my ~/.bashrc). Yesterday I used the wallet script to update my password list, and then later I was using vim to edit a totally unrelated text file. I fat-fingered what I was doing and typed some magical set of keystrokes (still not sure just how I did that), and suddenly I was looking at several lines from my password file. I recognized those lines as lines that I had highlighted, deleted, and then pasted to a new location when editing the password file when I was using wallet. I then had a forehead-slapping moment when I realized that such edits are saved for posterity in the ~/.viminfo file.

Oops. That's a potential information leakage vulnerability.

But it is easily remedied by adding the following line to ~/.walletrc:
VISUAL="/usr/bin/vim -i NONE"

The -i option tells vim to use some file other than ~/.viminfo for its state information. In this case, NONE tells vim not to store state information at all. The trick of putting it in ~/.walletrc (rather than in ~/.bashrc) means that vim only skips storing state information when running under wallet; vim will keep state information in ~/.viminfo any other time you run vim.

So if you're using wallet with vim, I urge you to make the above change to your ~/.walletrc file.
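To verify the fix, here is an added shell script (not part of the original post or the wallet script) that checks whether any line of a secrets file has ended up verbatim in a viminfo file, and whether a ~/.walletrc sets VISUAL with "-i NONE". It assumes a plaintext, one-entry-per-line secrets file; the paths, file contents and the demo values are all constructed for illustration.

```shell
#!/bin/sh
# Added example: detect viminfo leakage of a password file and confirm the
# wallet editor setting. Paths are parameters; sample data is constructed.

# viminfo_leaks VIMINFO SECRETS
# Reports the line numbers (never the contents) of SECRETS that appear
# verbatim inside VIMINFO. Returns 0 if a leak was found, 1 if clean.
viminfo_leaks() {
    viminfo="$1"; secrets="$2"
    found=1; n=0
    [ -r "$viminfo" ] || return 1        # no viminfo file, nothing leaked
    while IFS= read -r line || [ -n "$line" ]; do
        n=$((n + 1))
        [ -n "$line" ] || continue        # skip blank lines
        if grep -qF -- "$line" "$viminfo"; then
            printf 'secrets line %d found in %s\n' "$n" "$viminfo"
            found=0
        fi
    done < "$secrets"
    return $found
}

# walletrc_editor_ok RCFILE
# Returns 0 if RCFILE sets VISUAL to a vim command that includes "-i NONE".
walletrc_editor_ok() {
    grep -Eq '^[[:space:]]*(export[[:space:]]+)?VISUAL=.*vim.*-i[[:space:]]+NONE' "$1"
}

# Demo with constructed files: a viminfo that captured a deleted/pasted
# register line, and two candidate ~/.walletrc files.
demo() {
    d=$(mktemp -d) || return 1
    printf 'example.com alice constructed-pw-1\nexample.net bob constructed-pw-2\n' > "$d/secrets"
    printf '# Registers:\n"0\tLINE\t0\n\texample.net bob constructed-pw-2\n' > "$d/viminfo"
    viminfo_leaks "$d/viminfo" "$d/secrets" && echo "LEAK: fix ~/.walletrc"
    printf 'VISUAL="/usr/bin/vim -i NONE"\n' > "$d/walletrc"
    walletrc_editor_ok "$d/walletrc" && echo "walletrc: vim runs with -i NONE"
    rm -rf "$d"
    return 0
}
demo
```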
