apply PASSWORD_STORE_SIGNING_KEY to password files too?

David Mandelberg david at
Tue Nov 9 23:56:10 UTC 2021


From the manpage, it looks like PASSWORD_STORE_SIGNING_KEY doesn't 
apply to the files with passwords, just .gpg-id and non-system 
extensions. Is that right? Would it be possible to expand it to cover 
the password files too?

If I'm understanding the way things work now, I think an attacker with 
write access to the password store and read access to the *public* 
key(s) could replace any password file with any contents they want, and 
it wouldn't be detectable. Replacing just a password isn't really a big 
deal, because the worst it could do is lock the user out of their 
account. Deleting the files would have that same effect, so there's no 
real reason to protect against it. Where I think this becomes more of a 
big deal is in combination with software that parses the files. E.g., 
looks like it parses usernames from the files. So if I have a password 
file that contains this text, encrypted:

login: dseomn

And the attacker replaces it with a file that contains the encrypted 
version of this text:

login: dseonm

The next time I go to log in, I could pretty easily log into an account 
controlled by the attacker. (Assuming I don't notice the swapped letters 
in the username, and either don't look at the password itself or don't 
notice that it's a different random password of the same length.) If I 
had logged in to that site in order to upload sensitive data to my 
account, the attacker would have gotten me to upload the data to their 
account instead.

I just started looking into using pass yesterday, so it's entirely 
possible I'm missing something that would prevent that attack. But if 
not, would it be possible to get support for signing password files on 
write, and verifying them on read?
