|Pathologically Eclectic Rubbish Lister|
Re^4: Authentication with /etc/shadowby fluffyvoidwarrior (Monk)
|on Feb 27, 2011 at 06:53 UTC||Need Help??|
Well, maybe the monks could think of a better route to take if I told more of the story. This could then be a long post and there will be discrepancies in what I tell you because I can't tell you everything.
Normally I would agree entirely with the point you just made.
My problem is:-
I have a program that loops once a second and provides command and control for a real world system - like a perl emulation of a plc. The real world system I am controlling has massive security significance for my client. It isn't exposed to wan access but it will never have very good physical security.
The main security risk I can see is the possibility of an attacker copying my program (stealing a hard drive or system unit wouldn't work) and running it on his computer to gain access via a hole in the wall. My program is a perlapp so trivial code inspection is unlikely. The situation is changing constantly and I only need to delay an attacker a few hours and his attack becomes pointless. Though he can steal the program and run on it on his computer I am hoping he is unlikely to clone my users. I want to authenticate my system users with every pass of my program loop and shred my perlapps if any of various conditions (user validation being one indicator that my program is running under an alien environment) are not met, thus causing the needed delay. Only one of my checks needs to fail and my program will commit suicide.
(security of some user passwords is not a consideration - I don't mind hard coding some of them in my perlapp)
The need for speed and low system overhead is due to the fact that my program may have to handle up to 50 requests with each pass and all the validity checks have to be done on every pass (if an attacker successfully runs a single pass then all could be lost). There will only ever be a handful of system users. All this is far from perfect and it isn't security but it's better than nothing.
I can probably thwart the unskilled with this sort of stuff and maybe delay the skilled long enough if I'm lucky. Anyway, physical security isn't really my responsibility - I'm just trying to help them out a bit.