osdir.com


[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

[Python-Dev] PEP 594: update 1


On 21/05/2019 18.08, Giampaolo Rodola' wrote:
> 
> 
> On Tue, 21 May 2019 at 21:13, Christian Heimes <christian at python.org <mailto:christian at python.org>> wrote:
> 
>     crypt
>     ~~~~~
> 
>     The `crypt <https://docs.python.org/3/library/crypt.html>`_ module implements
>     password hashing based on ``crypt(3)`` function from ``libcrypt`` or
>     ``libxcrypt`` on Unix-like platform. The algorithms are mostly old, of poor
>     quality and insecure. Users are discouraged to use them.
> 
>     * The module is not available on Windows. Cross-platform application need
>     ? an alternative implementation any way.
>     * Only DES encryption is guarenteed to be available. DES has an extremely
>     ? limited key space of 2**56.
>     * MD5, salted SHA256, salted SHA512, and Blowfish are optional extension.
>     ? SSHA256 and SSHA512 are glibc extensions. Blowfish (bcrypt) is the only
>     ? algorithm that is still secure. However it's in glibc and therefore not
>     ? commonly available on Linux.
>     * Depending on the platform, the ``crypt`` module is not thread safe. Only
>     ? implementations with ``crypt_r(3)`` are thread safe.
>     * The module was never useful to interact with system user and password
>     ? databases.
> 
> 
> This is actually not true. Their main use case is to compare passwords against the shadowed password db:
> https://github.com/giampaolo/pyftpdlib/blob/ee7b36c701b78b2d36e938c42d08dbfbad55a34f/pyftpdlib/authorizers.py#L413
> A quick search on searchcode.com <http://searchcode.com> shows both spwd and crypt modules are used. I am no security expert (and I wasn?t aware they are insecure until now, since the doc doesn?t mention it) but I would prefer seeing these 2 fixed or improved rather than bluntly removed.?

PS: "pw1 != pw2" on line 418 is also vulnerable to side channel attack. You must use a constant timing comparison operator like hmac.compare_digest() to compare password digests.

https://github.com/giampaolo/pyftpdlib/blob/ee7b36c701b78b2d36e938c42d08dbfbad55a34f/pyftpdlib/authorizers.py#L418