[PATCH] dsdb Encrypt sensitive attributes on disk.



Samba - samba-technical mailing list
Patch to encrypt the sensitive values while on disk.  This patch is
intended to mitigate the accidental exposure of the ldb files and
ldbdumps, and to provide some protection against memory read attacks.

The values of the sensitive attributes:
    pekList
    msDS-ExecuteScriptPassword
    currentValue
    dBCSPwd
    initialAuthIncoming
    initialAuthOutgoing
    lmPwdHistory
    ntPwdHistory
    priorValue
    supplementalCredentials
    trustAuthIncoming
    trustAuthOutgoing
    unicodePwd
    clearTextPassword

are encrypted using AEAD AES-128-GCM, using GnuTLS where it supports
this mode and falling back to Nettle otherwise.

Provisioning now generates a random key and writes it to the private
directory.


Review comments and other feedback appreciated.

Gary.

Attachments:
    0001-pyglue-Add-function-to-generate-a-random-byte-string.txt (2K)
    0002-source4-dsdb-Encrypt-sensitive-values-at-rest.txt (107K)
    signature.asc (484 bytes)
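The at-rest scheme the mail describes (AES-128-GCM over each sensitive attribute value, keyed by a random key written at provisioning), as an added Go example that is not the Samba patch's code: it uses Go's standard library in place of GnuTLS/Nettle, and binding the attribute name as associated data and storing the nonce in front of the ciphertext are assumptions of this example, not details the mail states.

```go
package main

import (
	"crypto/aes"
	"crypto/cipher"
	"crypto/rand"
	"fmt"
)

func newGCM(key []byte) (cipher.AEAD, error) {
	block, err := aes.NewCipher(key) // a 16-byte key selects AES-128
	if err != nil {
		return nil, err
	}
	return cipher.NewGCM(block)
}

// sealValue encrypts one attribute value as nonce || ciphertext || tag; the
// attribute name is bound as associated data (an assumption of this example).
func sealValue(key []byte, attr string, plaintext []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	nonce := make([]byte, gcm.NonceSize()) // fresh random nonce per stored value
	if _, err := rand.Read(nonce); err != nil {
		return nil, err
	}
	return gcm.Seal(nonce, nonce, plaintext, []byte(attr)), nil
}

// openValue reverses sealValue; a bit flip, wrong key or wrong attribute name is an error.
func openValue(key []byte, attr string, blob []byte) ([]byte, error) {
	gcm, err := newGCM(key)
	if err != nil {
		return nil, err
	}
	n := gcm.NonceSize()
	if len(blob) < n+gcm.Overhead() {
		return nil, fmt.Errorf("encrypted value too short: %d bytes", len(blob))
	}
	return gcm.Open(nil, blob[:n], blob[n:], []byte(attr))
}

func main() {
	key := []byte("0123456789abcdef") // constructed; provisioning writes a random key
	blob, _ := sealValue(key, "unicodePwd", []byte("constructed NT hash bytes"))
	_, err := openValue(key, "dBCSPwd", blob) // same blob read under another attribute
	fmt.Println(len(blob), "bytes on disk; cross-attribute read:", err)
}
```

The GCM tag is what turns an accidental leak of the ldb file into an unreadable blob rather than a silently corrupted one: a truncated, bit-flipped or mis-keyed value fails to open instead of decrypting to garbage.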