Re: passing username/passwd between two processes securely...
- From: "Jochen Kalmbach [MVP]" <nospam-Jochen.Kalmbach@xxxxxxxxx>
- Date: Tue, 01 Nov 2005 21:12:51 +0100
Hi John!
Thanks Jochen!
p1 ----encrypt data in shared memory---> p2
p2 uses private key to decrypt it.
however how p2 get the private key?
There is no need to pass a private key to the other process. Only the public keys must be exchanged. And this public key can be seen by others, they cannot read the decrypted message with this keys.
In my case we expect the private key is passed from p1.
As I said: No need to pass private keys...
If someone can attach to your process, then it also can read the username/password from your memory. So your problem has nothing to do with inter-process-communication...
Currently we don't consider this kind of attack. I only want to pass data without exposing to the 3rd process. So In my case the data could be clear text as long as it's not accessable in 3rd process. Shared memory problem is every process can open it if name is known.
As I said: This is no problem, beacuse no other programm can read un uncrypt your data... (at least not in the next 100 years).
Please read some docu about Public-Key-Crypthographie: http://en.wikipedia.org/wiki/Public-key_cryptography
I heard people say using p1 as parent process to launch p2. using windows pipe to restrict every other melicious process to access. Is that possible?
See other reply...
-- Greetings Jochen
My blog about Win32 and .NET http://blog.kalmbachnet.de/ .
- Follow-Ups:
- References:
- Prev by Date: Re: passing username/passwd between two processes securely...
- Next by Date: Best Practice For Forcing A Thread To Unblock Itself
- Previous by thread: Re: passing username/passwd between two processes securely...
- Next by thread: Re: passing username/passwd between two processes securely...
- Index(es):
Relevant Pages
|
