by julie78787
3755 days ago
Except that you can attack stored encryption secrets either off-line, or with the same privileges as the user. If they are hard-coded in the binary, they can be extracted off-line by another user with the same binary. If they are generated at run-time, they have to be stored with permissions that grant the user access to their own resource. There are programming techniques for sharing a file descriptor, but they aren't portable. That makes generating a keypair, then sharing an open file descriptor to the file containing the keypair, impossible.