From owner-freebsd-security@FreeBSD.ORG Sun Mar 6 08:23:16 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2487816A4CE for ; Sun, 6 Mar 2005 08:23:16 +0000 (GMT) Received: from smtpq1.home.nl (smtpq1.home.nl [213.51.128.196]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6D68043D41 for ; Sun, 6 Mar 2005 08:23:15 +0000 (GMT) (envelope-from dodell@sitetronics.com) Received: from [213.51.128.134] (port=49018 helo=smtp3.home.nl) by smtpq1.home.nl with esmtp (Exim 4.30) id 1D7r2g-0001XZ-8M; Sun, 06 Mar 2005 09:23:14 +0100 Received: from cc740438-a.deven1.ov.home.nl ([82.72.18.239]:32912 helo=192.168.1.104) by smtp3.home.nl with esmtp (Exim 4.30) id 1D7r2f-0007B3-6V; Sun, 06 Mar 2005 09:23:13 +0100 From: "Devon H. O'Dell" To: Colin Percival In-Reply-To: <42296320.4080303@wadham.ox.ac.uk> References: <42296320.4080303@wadham.ox.ac.uk> Content-Type: text/plain Organization: SiteTronics Date: Sun, 06 Mar 2005 09:23:10 +0100 Message-Id: <1110097390.3927.2.camel@localhost.localdomain> Mime-Version: 1.0 X-Mailer: Evolution 2.0.2 (2.0.2-3) Content-Transfer-Encoding: 7bit X-AtHome-MailScanner-Information: Please contact support@home.nl for more information X-AtHome-MailScanner: Found to be clean cc: freebsd-security@freebsd.org Subject: Re: Heads up: End of RELENG_4_8 support X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Mar 2005 08:23:16 -0000 On Fri, 2005-03-04 at 23:43 -0800, Colin Percival wrote: > At the end of March, the RELENG_4_8 (sometimes called 4.8-SECURITY) > branch will reach its designated End of Life and cease to be supported > by the FreeBSD Security Team. > Released in April 2003, FreeBSD 4.8 was the first release designated > for "extended" two-year security support instead of the normal one-year > support. Over this time, 27 security advisories have been issued which > have affected FreeBSD 4.8. > It is recommended that all FreeBSD 4.8 users upgrade their systems to > FreeBSD 4.11 before the end of the month. FreeBSD 4.11 has also been > designated for extended support, and will be supported until at least > the end of January 2007. > > After FreeBSD 4.8, the next release End of Life will be for FreeBSD > 4.10, which will cease to be supported at the end of May 2006. > > Colin Percival Colin, Is it possible to use freebsd-update to update my 4.8-SECURITY system to your 4.11 build? --Devon From owner-freebsd-security@FreeBSD.ORG Sun Mar 6 08:30:04 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3884816A4CE for ; Sun, 6 Mar 2005 08:30:04 +0000 (GMT) Received: from pd3mo1so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4D90243D48 for ; Sun, 6 Mar 2005 08:30:03 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from pd2mr6so.prod.shaw.ca (pd2mr6so-qfe3.prod.shaw.ca [10.0.141.9]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ICX000YE8XX4QA0@l-daemon> for freebsd-security@freebsd.org; Sun, 06 Mar 2005 01:29:57 -0700 (MST) Received: from pn2ml7so.prod.shaw.ca ([10.0.121.151]) by pd2mr6so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ICX00KPF8XXMFI0@pd2mr6so.prod.shaw.ca> for freebsd-security@freebsd.org; Sun, 06 Mar 2005 01:29:57 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.209.6]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) freebsd-security@freebsd.org; Sun, 06 Mar 2005 01:29:57 -0700 (MST) Date: Sun, 06 Mar 2005 00:29:56 -0800 From: Colin Percival In-reply-to: <1110097390.3927.2.camel@localhost.localdomain> To: "Devon H. O'Dell" Message-id: <422ABF84.2010808@wadham.ox.ac.uk> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.90.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <42296320.4080303@wadham.ox.ac.uk> <1110097390.3927.2.camel@localhost.localdomain> User-Agent: Mozilla Thunderbird 1.0 (X11/20050302) cc: freebsd-security@freebsd.org Subject: Re: Heads up: End of RELENG_4_8 support X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Mar 2005 08:30:04 -0000 Devon H. O'Dell wrote: > On Fri, 2005-03-04 at 23:43 -0800, Colin Percival wrote: >> It is recommended that all FreeBSD 4.8 users upgrade their systems to >>FreeBSD 4.11 before the end of the month. FreeBSD 4.11 has also been >>designated for extended support, and will be supported until at least >>the end of January 2007. > > Is it possible to use freebsd-update to update my 4.8-SECURITY system to > your 4.11 build? No. However, you can download the 4.11-RELEASE iso image, mount it on /cdrom, and use that to install 4.11. Colin Percival From owner-freebsd-security@FreeBSD.ORG Sun Mar 6 06:09:09 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 88CE916A4CE for ; Sun, 6 Mar 2005 06:09:09 +0000 (GMT) Received: from pimout4-ext.prodigy.net (pimout4-ext.prodigy.net [207.115.63.98]) by mx1.FreeBSD.org (Postfix) with ESMTP id 26FD243D39 for ; Sun, 6 Mar 2005 06:09:09 +0000 (GMT) (envelope-from julian@elischer.org) Received: from [192.168.1.103] (adsl-67-124-50-148.dsl.snfc21.pacbell.net [67.124.50.148])j266905K140352; Sun, 6 Mar 2005 01:09:07 -0500 Message-ID: <422A9E79.1090703@elischer.org> Date: Sat, 05 Mar 2005 22:08:57 -0800 From: Julian Elischer User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.5) Gecko/20050214 X-Accept-Language: en, hu MIME-Version: 1.0 To: Colin Percival References: <42296320.4080303@wadham.ox.ac.uk> In-Reply-To: <42296320.4080303@wadham.ox.ac.uk> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Mailman-Approved-At: Sun, 06 Mar 2005 13:19:45 +0000 cc: freebsd-security@freebsd.org Subject: Re: Heads up: End of RELENG_4_8 support X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Mar 2005 06:09:09 -0000 Colin Percival wrote: > At the end of March, the RELENG_4_8 (sometimes called 4.8-SECURITY) > branch will reach its designated End of Life and cease to be supported > by the FreeBSD Security Team. > Released in April 2003, FreeBSD 4.8 was the first release designated > for "extended" two-year security support instead of the normal one-year > support. Over this time, 27 security advisories have been issued which > have affected FreeBSD 4.8. > It is recommended that all FreeBSD 4.8 users upgrade their systems to > FreeBSD 4.11 before the end of the month. FreeBSD 4.11 has also been > designated for extended support, and will be supported until at least > the end of January 2007. > > After FreeBSD 4.8, the next release End of Life will be for FreeBSD > 4.10, which will cease to be supported at the end of May 2006. > > Colin Percival > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" thanks for holding 4.8 as long as you have.. From owner-freebsd-security@FreeBSD.ORG Sun Mar 6 14:58:25 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4140916A4CE for ; Sun, 6 Mar 2005 14:58:25 +0000 (GMT) Received: from sender.vkt.lt (sender.vkt.lt [212.59.30.61]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2CB4643D2F for ; Sun, 6 Mar 2005 14:58:24 +0000 (GMT) (envelope-from hugle@vkt.lt) Received: (qmail 19084 invoked by uid 1002); 6 Mar 2005 14:58:12 -0000 Received: from hugle@vkt.lt by sender.vkt.lt by uid 89 with qmail-scanner-1.22 Clear:RC:0(192.168.8.177):SA:0(-2.8/5.0):. Processed in 0.797496 secs); 06 Mar 2005 14:58:12 -0000 X-Spam-Status: No, hits=-2.8 required=5.0 Received: from unknown (HELO user-8-177.vkt.lan) (192.168.8.177) by 0 with SMTP; 6 Mar 2005 14:58:11 -0000 Date: Sun, 6 Mar 2005 16:58:24 +0200 From: Jara X-Mailer: The Bat! (v3.0.1.33) Professional X-Priority: 3 (Normal) Message-ID: <1842482240.20050306165824@vkt.lt> To: freebsd-security@freebsd.org In-Reply-To: <422ABF84.2010808@wadham.ox.ac.uk> References: <42296320.4080303@wadham.ox.ac.uk> <1110097390.3927.2.camel@localhost.localdomain> <422ABF84.2010808@wadham.ox.ac.uk> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Subject: Re[2]: Heads up: End of RELENG_4_8 support X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 06 Mar 2005 14:58:25 -0000 > Devon H. O'Dell wrote: >> On Fri, 2005-03-04 at 23:43 -0800, Colin Percival wrote: >>> It is recommended that all FreeBSD 4.8 users upgrade their systems to >>>FreeBSD 4.11 before the end of the month. FreeBSD 4.11 has also been >>>designated for extended support, and will be supported until at least >>>the end of January 2007. >> >> Is it possible to use freebsd-update to update my 4.8-SECURITY system to >> your 4.11 build? > No. However, you can download the 4.11-RELEASE iso image, mount it on > /cdrom, and use that to install 4.11. > Colin Percival Hello Colin, Maybe you or anyone else on the list know any sources of information how is it done? Some kind of guide. Thanks, Jarek > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 13:03:33 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ACFF916A4CE; Mon, 7 Mar 2005 13:03:33 +0000 (GMT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3EB7043D39; Mon, 7 Mar 2005 13:03:33 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 00B72ACB34; Mon, 7 Mar 2005 14:03:30 +0100 (CET) Date: Mon, 7 Mar 2005 14:03:30 +0100 From: Pawel Jakub Dawidek To: freebsd-security@freebsd.org Message-ID: <20050307130330.GX9291@darkness.comp.waw.pl> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="XwYplyRgqW9Nm5hN" Content-Disposition: inline User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 Subject: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 13:03:33 -0000 --XwYplyRgqW9Nm5hN Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi. I've been playing a bit with "use sound card as an entropy source" idea. This simple program does what I wanted: http://people.freebsd.org/~pjd/misc/sndrand.tbz The program is very simple, it should be run with two arguments: % sndtest /dev/dspW 1048576 > rand.data This command will generate 1MB of random data. With my sound card: pcm0: port 0xe100-0xe13f,0xe000-0xe0ff irq 11 at dev= ice 31.5 on pci0 pcm0: [GIANT-LOCKED] pcm0: It produce very good entropy. I tried those tests to prove its quality: - FIPS 140-2 tests - 'ent' tests: http://www.fourmilab.ch/random/ - Famous 'diehard' tests The full output from diehard tests is here: http://people.freebsd.org/~pjd/misc/sndrand_diehard.txt The idea of using sound card as entropy source was taken from RFC 1750. If people like the idea and someone more skilled than me in this subject can review this stuff, we can start to put it into kernel "random infrastructure". It could also be implemented as userland daemon which writes collected entropy to /dev/random maybe... --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --XwYplyRgqW9Nm5hN Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFCLFEiForvXbEpPzQRAvqoAKCS6Uog2CINyj3ybNo1a8C/qAbUQQCcDP1T KkECG+WdYlnJyLZkuaiW0FA= =l8tH -----END PGP SIGNATURE----- --XwYplyRgqW9Nm5hN-- From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 13:07:13 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 78C2B16A4CE; Mon, 7 Mar 2005 13:07:13 +0000 (GMT) Received: from critter.freebsd.dk (f170.freebsd.dk [212.242.86.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7F9EB43D46; Mon, 7 Mar 2005 13:07:12 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id j27D7Bqi016932; Mon, 7 Mar 2005 14:07:11 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: Pawel Jakub Dawidek From: "Poul-Henning Kamp" In-Reply-To: Your message of "Mon, 07 Mar 2005 14:03:30 +0100." <20050307130330.GX9291@darkness.comp.waw.pl> Date: Mon, 07 Mar 2005 14:07:11 +0100 Message-ID: <16931.1110200831@critter.freebsd.dk> Sender: phk@critter.freebsd.dk cc: freebsd-security@freebsd.org Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 13:07:13 -0000 In message <20050307130330.GX9291@darkness.comp.waw.pl>, Pawel Jakub Dawidek wr ites: >I've been playing a bit with "use sound card as an entropy source" idea. >This simple program does what I wanted: Can you give a quick summary: What sample setting do you use ? What gain setting do you use ? Have you run experiements where you have attached various signal sources to the input ? Music ? Pure sine tone ? -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 13:17:34 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5995816A4CE for ; Mon, 7 Mar 2005 13:17:34 +0000 (GMT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id DFFEA43D2D for ; Mon, 7 Mar 2005 13:17:33 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 820B5AC956; Mon, 7 Mar 2005 14:17:32 +0100 (CET) Date: Mon, 7 Mar 2005 14:17:32 +0100 From: Pawel Jakub Dawidek To: Poul-Henning Kamp Message-ID: <20050307131732.GY9291@darkness.comp.waw.pl> References: <20050307130330.GX9291@darkness.comp.waw.pl> <16931.1110200831@critter.freebsd.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="VrJw22pJ2/Vk+GaX" Content-Disposition: inline In-Reply-To: <16931.1110200831@critter.freebsd.dk> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: freebsd-security@freebsd.org Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 13:17:34 -0000 --VrJw22pJ2/Vk+GaX Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 07, 2005 at 02:07:11PM +0100, Poul-Henning Kamp wrote: +> In message <20050307130330.GX9291@darkness.comp.waw.pl>, Pawel Jakub Daw= idek wr +> ites: +>=20 +> >I've been playing a bit with "use sound card as an entropy source" idea. +> >This simple program does what I wanted: +>=20 +> Can you give a quick summary: +>=20 +> What sample setting do you use ? +>=20 +> What gain setting do you use ? +>=20 +> Have you run experiements where you have attached various +> signal sources to the input ? Music ? Pure sine tone ? I didn't make any sound card configuration nor connected sound source. It was just pure noice (no microphone attached). /dev/dspW uses 16-bit little endian encoding and I only use less significant 8 bits. As I read "Open Sound System" guide, on sound device open it works in 8kHz mono mode. So that was my testing environment. I'm not an expert in this area, of course, just playing around and giving a start for future research, I hope. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --VrJw22pJ2/Vk+GaX Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFCLFRsForvXbEpPzQRAgicAJ404FWCCOKN4q210G3OmfMi+X15mwCgktlf tPuT9fuX00PK/VnP/1TVvZM= =fc9f -----END PGP SIGNATURE----- --VrJw22pJ2/Vk+GaX-- From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 16:10:12 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0CAE316A4CE; Mon, 7 Mar 2005 16:10:12 +0000 (GMT) Received: from storm.uk.FreeBSD.org (storm.uk.FreeBSD.org [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6994C43D2F; Mon, 7 Mar 2005 16:10:11 +0000 (GMT) (envelope-from mark@grondar.org) Received: from storm.uk.FreeBSD.org (uucp@localhost [127.0.0.1]) by storm.uk.FreeBSD.org (8.13.1/8.13.1) with ESMTP id j27GA9Hl056715; Mon, 7 Mar 2005 16:10:09 GMT (envelope-from mark@grondar.org) Received: (from uucp@localhost)j27GA9CU056714; Mon, 7 Mar 2005 16:10:09 GMT (envelope-from mark@grondar.org) Received: from grondar.org (localhost [127.0.0.1]) by grovel.grondar.org (8.13.3/8.13.1) with ESMTP id j27G9mR1032489; Mon, 7 Mar 2005 16:09:48 GMT (envelope-from mark@grondar.org) Message-Id: <200503071609.j27G9mR1032489@grovel.grondar.org> To: Pawel Jakub Dawidek From: Mark Murray In-Reply-To: Your message of "Mon, 07 Mar 2005 14:03:30 +0100." <20050307130330.GX9291@darkness.comp.waw.pl> Date: Mon, 07 Mar 2005 16:09:48 +0000 Sender: mark@grondar.org cc: freebsd-security@FreeBSD.ORG cc: markm@FreeBSD.ORG Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 16:10:12 -0000 Pawel Jakub Dawidek writes: > The program is very simple, it should be run with two arguments: > > % sndtest /dev/dspW 1048576 > rand.data > > This command will generate 1MB of random data. Er, not very random. > With my sound card: > > pcm0: port 0xe100-0xe13f,0xe000-0xe0ff irq 11 at dev= > ice 31.5 on pci0 > pcm0: [GIANT-LOCKED] > pcm0: Did you have a noise source connected? I generated 1MB of data and it was not very random at all. "hexdump -C data" showed the data was very poor indeed. > It produce very good entropy. I tried those tests to prove its quality: > - FIPS 140-2 tests > - 'ent' tests: http://www.fourmilab.ch/random/ > - Famous 'diehard' tests > > The full output from diehard tests is here: > > http://people.freebsd.org/~pjd/misc/sndrand_diehard.txt > > The idea of using sound card as entropy source was taken from RFC 1750. That RFC mentions connecting the sound card to a noise source. > If people like the idea and someone more skilled than me in this subject > can review this stuff, we can start to put it into kernel > "random infrastructure". It could also be implemented as userland daemon > which writes collected entropy to /dev/random maybe... I like the idea, but we need a bit more hardware assistance, I think. M -- Mark Murray iumop ap!sdn w,I idlaH From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 19:33:17 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 023DD16A4CE; Mon, 7 Mar 2005 19:33:17 +0000 (GMT) Received: from critter.freebsd.dk (f170.freebsd.dk [212.242.86.170]) by mx1.FreeBSD.org (Postfix) with ESMTP id 46CB643D3F; Mon, 7 Mar 2005 19:33:16 +0000 (GMT) (envelope-from phk@critter.freebsd.dk) Received: from critter.freebsd.dk (localhost [127.0.0.1]) by critter.freebsd.dk (8.13.1/8.13.1) with ESMTP id j27JXFhG001000; Mon, 7 Mar 2005 20:33:15 +0100 (CET) (envelope-from phk@critter.freebsd.dk) To: Mark Murray From: "Poul-Henning Kamp" In-Reply-To: Your message of "Mon, 07 Mar 2005 16:09:48 GMT." <200503071609.j27G9mR1032489@grovel.grondar.org> Date: Mon, 07 Mar 2005 20:33:15 +0100 Message-ID: <999.1110223995@critter.freebsd.dk> Sender: phk@critter.freebsd.dk cc: freebsd-security@freebsd.org cc: Pawel Jakub Dawidek Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 19:33:17 -0000 In message <200503071609.j27G9mR1032489@grovel.grondar.org>, Mark Murray writes : >Did you have a noise source connected? I generated 1MB of data and it was not >very random at all. "hexdump -C data" showed the data was very poor indeed. There will be a big difference between the microphone and line inputs in this respect. I'm quite reserved about this because of the hardware situation around soundcards (almost, but not quite entirely unlike each other), and the fact that a connected source may trick is into beliving we have random data when in fact we have not at all random data. A lot of caution is necessary. That said, a userland program which havests entropy from the soundcard and sticks it into the kernel may not be a bad idea, but we need to kill the notion "if it sounds like noise it is probably random" effectively in the documentation. (If you doubt me, listen to a 14.4 or faster modem). -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 20:05:13 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9A86516A4D3; Mon, 7 Mar 2005 20:05:13 +0000 (GMT) Received: from storm.uk.FreeBSD.org (storm.uk.FreeBSD.org [194.242.157.42]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0CC5D43D48; Mon, 7 Mar 2005 20:05:13 +0000 (GMT) (envelope-from mark@grondar.org) Received: from storm.uk.FreeBSD.org (uucp@localhost [127.0.0.1]) by storm.uk.FreeBSD.org (8.13.1/8.13.1) with ESMTP id j27K5BeF059396; Mon, 7 Mar 2005 20:05:11 GMT (envelope-from mark@grondar.org) Received: (from uucp@localhost)j27K5AHx059395; Mon, 7 Mar 2005 20:05:10 GMT (envelope-from mark@grondar.org) Received: from grondar.org (localhost [127.0.0.1]) by grovel.grondar.org (8.13.3/8.13.1) with ESMTP id j27K0Phv035052; Mon, 7 Mar 2005 20:00:25 GMT (envelope-from mark@grondar.org) Message-Id: <200503072000.j27K0Phv035052@grovel.grondar.org> X-Mailer: exmh version 2.7.0 06/18/2004 with nmh-1.0.4 To: Garrett Wollman From: Mark Murray In-Reply-To: Your message of "Mon, 07 Mar 2005 14:44:49 EST." <200503071944.j27JiniV006061@khavrinen.lcs.mit.edu> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Date: Mon, 07 Mar 2005 20:00:25 +0000 Sender: mark@grondar.org cc: freebsd-security@FreeBSD.ORG cc: Mark Murray Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 20:05:13 -0000 Garrett Wollman writes: > The usual noise source is thermal noise in the machine itself. The > process that I've heard described involves: > > 0) Disconnecting any input sources. > 1) Turning the input gain all the way up. > 2) Taking only the least-significant bit of each sample. The random_harvest(9) call would do this by reading (say) 16 bits out of the DSP, and handing it over as harvested entropy while claiming it had 1 bit of useful randomness. Any other gratuitous randomness in the sample would provide "free" perturbation of the entropy pool. > In order to use this in FreeBSD, we would probably want a compile > option in the sound drivers to disable their use for other purposes > (e.g., generating sound). I can think of a way to do this with sysctls. M -- Mark Murray iumop ap!sdn w,I idlaH From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 20:58:41 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5494716A4D1; Mon, 7 Mar 2005 20:58:41 +0000 (GMT) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id B702843D41; Mon, 7 Mar 2005 20:58:40 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 70C68AC976; Mon, 7 Mar 2005 21:58:36 +0100 (CET) Date: Mon, 7 Mar 2005 21:58:36 +0100 From: Pawel Jakub Dawidek To: Mark Murray Message-ID: <20050307205836.GZ9291@darkness.comp.waw.pl> References: <20050307130330.GX9291@darkness.comp.waw.pl> <200503071609.j27G9mR1032489@grovel.grondar.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="WI3x0E7Qla8PXOxb" Content-Disposition: inline In-Reply-To: <200503071609.j27G9mR1032489@grovel.grondar.org> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 cc: freebsd-security@FreeBSD.ORG Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 20:58:41 -0000 --WI3x0E7Qla8PXOxb Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Mon, Mar 07, 2005 at 04:09:48PM +0000, Mark Murray wrote: +> Pawel Jakub Dawidek writes: +> > The program is very simple, it should be run with two arguments: +> >=20 +> > % sndtest /dev/dspW 1048576 > rand.data +> >=20 +> > This command will generate 1MB of random data. +>=20 +> Er, not very random. Are you sure you used /dev/dspW? It give me really good results with my sound card. You can find sample data at: http://people.freebsd.org/~pjd/misc/rand.data +> > If people like the idea and someone more skilled than me in this subje= ct +> > can review this stuff, we can start to put it into kernel +> > "random infrastructure". It could also be implemented as userland daem= on +> > which writes collected entropy to /dev/random maybe... +>=20 +> I like the idea, but we need a bit more hardware assistance, I think. Of course I don't think it could be used as the only entropy source in the system, more like one of few. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --WI3x0E7Qla8PXOxb Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFCLMB8ForvXbEpPzQRAvs/AJ49htUbBcaiThJqQVnZtnokHnrXTwCfc6Q7 8qShAePCfNliDz/d2puMIHI= =Jul1 -----END PGP SIGNATURE----- --WI3x0E7Qla8PXOxb-- From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 21:45:32 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C2A9616A4CE; Mon, 7 Mar 2005 21:45:32 +0000 (GMT) Received: from pinus.cc.fer.hr (pinus.cc.fer.hr [161.53.73.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id DFE6A43D49; Mon, 7 Mar 2005 21:45:31 +0000 (GMT) (envelope-from ivoras@fer.hr) Received: from [161.53.72.113] (lara.cc.fer.hr [161.53.72.113]) by pinus.cc.fer.hr (8.12.2/8.12.2) with ESMTP id j27LjTJu010248; Mon, 7 Mar 2005 22:45:30 +0100 (MET) Message-ID: <422CCB5B.80300@fer.hr> Date: Mon, 07 Mar 2005 22:44:59 +0100 From: Ivan Voras User-Agent: Mozilla Thunderbird 1.0 (X11/20041213) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Pawel Jakub Dawidek References: <20050307130330.GX9291@darkness.comp.waw.pl> <200503071609.j27G9mR1032489@grovel.grondar.org> <20050307205836.GZ9291@darkness.comp.waw.pl> In-Reply-To: <20050307205836.GZ9291@darkness.comp.waw.pl> Content-Type: text/plain; charset=ISO-8859-2; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 21:45:32 -0000 Pawel Jakub Dawidek wrote: > +> Er, not very random. > > Are you sure you used /dev/dspW? It give me really good results with my > sound card. Sound card noise REALLY depends on the type and age of the said hardware. In a good soundcard (traditionally, Creative Sound Blaster or whatever they're calling it now), the noise is fairly minimal to nonexistant (I'm saying this purely as as a user/listener, not RNG expert), while on mass-market hardware such as various AC97 cards, especially if older or embedded into notebooks, the noise is very apparent. It's also very annoying that DA hardware picks up various inteferences from surrounding buses - on many low end system moving a mouse, resizing windows or accessing disk drives will produce bursts of audiable noise. From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 23:07:37 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1DE2B16A4CE; Mon, 7 Mar 2005 23:07:37 +0000 (GMT) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id C84F543D46; Mon, 7 Mar 2005 23:07:36 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from localhost (localhost [127.0.0.1]) by pi.codefab.com (Postfix) with ESMTP id 448345E13; Mon, 7 Mar 2005 18:07:36 -0500 (EST) Received: from pi.codefab.com ([127.0.0.1]) by localhost (pi.codefab.com [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 69858-01; Mon, 7 Mar 2005 18:07:35 -0500 (EST) Received: from [192.168.1.3] (pool-68-161-53-96.ny325.east.verizon.net [68.161.53.96]) by pi.codefab.com (Postfix) with ESMTP id DBF6B5E12; Mon, 7 Mar 2005 18:07:34 -0500 (EST) Message-ID: <422CDEC1.4090000@mac.com> Date: Mon, 07 Mar 2005 18:07:45 -0500 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.5) Gecko/20041217 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Ivan Voras References: <20050307130330.GX9291@darkness.comp.waw.pl> <200503071609.j27G9mR1032489@grovel.grondar.org> <20050307205836.GZ9291@darkness.comp.waw.pl> <422CCB5B.80300@fer.hr> In-Reply-To: <422CCB5B.80300@fer.hr> X-Enigmail-Version: 0.90.0.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Virus-Scanned: amavisd-new at codefab.com cc: freebsd-security@freebsd.org cc: Pawel Jakub Dawidek Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 23:07:37 -0000 Ivan Voras wrote: > Pawel Jakub Dawidek wrote: >> Are you sure you used /dev/dspW? It give me really good results with my >> sound card. > > Sound card noise REALLY depends on the type and age of the said > hardware. In a good soundcard (traditionally, Creative Sound Blaster or > whatever they're calling it now), the noise is fairly minimal to > nonexistant (I'm saying this purely as as a user/listener, not RNG > expert), while on mass-market hardware such as various AC97 cards, > especially if older or embedded into notebooks, the noise is very apparent. Should the RNG be looking at the sound card's output, or at the sound card's microphone input? I think Pawel was talking about the latter, since a mike input is very sensitive to ambient EM and ought to generate some noise in the lower bits even if the mike input isn't connected to anything. Of course, if the sound hardware mutes that input to all zeros, or if there is no mike input at all, then we're not going to obtain any useful entropy. Hopefully, the driver can guard against that case by checking for a repeated stream of all-zeros, which presumably would indicate no HW/muting. [ BTW, thanks, Pawel, this looks like a neat idea, even if it may not be useable for all machines... ] > It's also very annoying that DA hardware picks up various inteferences > from surrounding buses - on many low end system moving a mouse, resizing > windows or accessing disk drives will produce bursts of audiable noise. Try using digital sound output via coax or TOSLINK (fibre & red laser); the inside of a computer is a horribly noisy place to do D/A conversion, and nowadays most home receivers can accept SPDIF input and give you a better sound. The Creative Audigy and later have reasonably good digital audio and adequate DACs, but earlier Creative cards had miserable DACs and analog audio circuitry. And yes, Creative cards sound pretty good compared to most on-motherboard audio, which is what laptops have. Really good CD and DVD players have seperate power supplies for the motor+digital versus analog circuitry in order to avoid biasing the audio being generated by their DACs. -- -Chuck From owner-freebsd-security@FreeBSD.ORG Tue Mar 8 00:08:50 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC96B16A4CE for ; Tue, 8 Mar 2005 00:08:50 +0000 (GMT) Received: from pinus.cc.fer.hr (pinus.cc.fer.hr [161.53.73.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id E910943D48 for ; Tue, 8 Mar 2005 00:08:49 +0000 (GMT) (envelope-from ivoras@fer.hr) Received: from [161.53.72.113] (lara.cc.fer.hr [161.53.72.113]) by pinus.cc.fer.hr (8.12.2/8.12.2) with ESMTP id j2808lJu026372; Tue, 8 Mar 2005 01:08:47 +0100 (MET) Message-ID: <422CECF1.4090603@fer.hr> Date: Tue, 08 Mar 2005 01:08:17 +0100 From: Ivan Voras User-Agent: Mozilla Thunderbird 1.0 (X11/20041213) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Chuck Swiger References: <20050307130330.GX9291@darkness.comp.waw.pl> <200503071609.j27G9mR1032489@grovel.grondar.org> <20050307205836.GZ9291@darkness.comp.waw.pl> <422CCB5B.80300@fer.hr> <422CDEC1.4090000@mac.com> In-Reply-To: <422CDEC1.4090000@mac.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2005 00:08:50 -0000 Chuck Swiger wrote: > Should the RNG be looking at the sound card's output, or at the sound > card's microphone input? I think Pawel was talking about the latter, I tried to make a point that (though I forgot to mention mic/line input) it's the same - from my experience input also depends on the things I said... > Try using digital sound output via coax or TOSLINK (fibre & red laser); > the inside of a computer is a horribly noisy place to do D/A conversion, > and nowadays most home receivers can accept SPDIF input and give you a > better sound. You won't find those in low-end beige-boxen I was talking about :) From owner-freebsd-security@FreeBSD.ORG Mon Mar 7 19:44:51 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4B97516A4CE; Mon, 7 Mar 2005 19:44:51 +0000 (GMT) Received: from khavrinen.lcs.mit.edu (khavrinen.lcs.mit.edu [128.30.28.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id DB39743D1F; Mon, 7 Mar 2005 19:44:50 +0000 (GMT) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: from khavrinen.lcs.mit.edu (localhost [IPv6:::1]) by khavrinen.lcs.mit.edu (8.12.9/8.12.9) with ESMTP id j27Jinaa006064 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=OK CN=khavrinen.lcs.mit.edu issuer=SSL+20Client+20CA); Mon, 7 Mar 2005 14:44:49 -0500 (EST) (envelope-from wollman@khavrinen.lcs.mit.edu) Received: (from wollman@localhost) by khavrinen.lcs.mit.edu (8.12.9/8.12.9/Submit) id j27JiniV006061; Mon, 7 Mar 2005 14:44:49 -0500 (EST) (envelope-from wollman) Date: Mon, 7 Mar 2005 14:44:49 -0500 (EST) From: Garrett Wollman Message-Id: <200503071944.j27JiniV006061@khavrinen.lcs.mit.edu> To: Mark Murray In-Reply-To: <200503071609.j27G9mR1032489@grovel.grondar.org> References: <20050307130330.GX9291@darkness.comp.waw.pl> <200503071609.j27G9mR1032489@grovel.grondar.org> X-Spam-Score: -9.9 () IN_REP_TO,REFERENCES X-Scanned-By: MIMEDefang 2.37 X-Mailman-Approved-At: Tue, 08 Mar 2005 11:44:50 +0000 cc: freebsd-security@FreeBSD.ORG Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 07 Mar 2005 19:44:51 -0000 < said: > Did you have a noise source connected? I generated 1MB of data and it was not > very random at all. "hexdump -C data" showed the data was very poor indeed. The usual noise source is thermal noise in the machine itself. The process that I've heard described involves: 0) Disconnecting any input sources. 1) Turning the input gain all the way up. 2) Taking only the least-significant bit of each sample. In order to use this in FreeBSD, we would probably want a compile option in the sound drivers to disable their use for other purposes (e.g., generating sound). -GAWollman From owner-freebsd-security@FreeBSD.ORG Tue Mar 8 09:47:01 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C05C116A4CE for ; Tue, 8 Mar 2005 09:47:01 +0000 (GMT) Received: from pd3mo3so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8742343D55 for ; Tue, 8 Mar 2005 09:47:01 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd2mr4so.prod.shaw.ca (pd2mr4so-qfe3.prod.shaw.ca [10.0.141.107]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ID100D951TSAL40@l-daemon> for freebsd-security@freebsd.org; Tue, 08 Mar 2005 02:46:40 -0700 (MST) Received: from pn2ml10so.prod.shaw.ca ([10.0.121.80]) by pd2mr4so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0ID1009FK1TSO080@pd2mr4so.prod.shaw.ca> for freebsd-security@freebsd.org; Tue, 08 Mar 2005 02:46:40 -0700 (MST) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.209.6]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) freebsd-security@freebsd.org; Tue, 08 Mar 2005 02:46:39 -0700 (MST) Date: Tue, 08 Mar 2005 01:46:39 -0800 From: Colin Percival In-reply-to: <1842482240.20050306165824@vkt.lt> To: Jara Message-id: <422D747F.2050408@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en X-Enigmail-Version: 0.90.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime References: <42296320.4080303@wadham.ox.ac.uk> <1110097390.3927.2.camel@localhost.localdomain> <422ABF84.2010808@wadham.ox.ac.uk> <1842482240.20050306165824@vkt.lt> User-Agent: Mozilla Thunderbird 1.0 (X11/20050302) X-Mailman-Approved-At: Tue, 08 Mar 2005 11:44:50 +0000 cc: freebsd-security@freebsd.org Subject: Re: Heads up: End of RELENG_4_8 support X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2005 09:47:01 -0000 Jara wrote: >Colin Percival wrote: >>you can download the 4.11-RELEASE iso image, mount it on >>/cdrom, and use that to install 4.11. > > Maybe you or anyone else on the list know any sources of information how is it done? > Some kind of guide. Ask and ye shall receive: http://www.daemonology.net/freebsd-upgrade-4.8-to-4.11/ Hope that helps, Colin Percival From owner-freebsd-security@FreeBSD.ORG Tue Mar 8 12:28:30 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BFE1216A4CE for ; Tue, 8 Mar 2005 12:28:30 +0000 (GMT) Received: from www.enhyper.com (mailgate.enhyper.com [62.49.250.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC52943D55 for ; Tue, 8 Mar 2005 12:28:29 +0000 (GMT) (envelope-from iang@iang.org) Received: from localhost.localdomain (localhost.localdomain [127.0.0.1]) by www.enhyper.com (8.11.6/8.11.6) with SMTP id j28DSJa03257 for ; Tue, 8 Mar 2005 13:28:24 GMT X-Authentication-Warning: www.enhyper.com: localhost.localdomain [127.0.0.1] didn't use HELO protocol Message-ID: <422D9B5E.3020303@iang.org> Date: Tue, 08 Mar 2005 12:32:30 +0000 From: Ian G Organization: http://iang.org/ User-Agent: Mozilla Thunderbird 1.0 (X11/20050219) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <999.1110223995@critter.freebsd.dk> In-Reply-To: <999.1110223995@critter.freebsd.dk> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2005 12:28:30 -0000 You might want to check out: http://www.av8n.com/turbid/paper/turbid.htm There is some controversy over the new FreeBSD /dev/random system, is there any analysis of the system? I wasn't able to find anything from a brief search. iang -- News and views on what matters in finance+crypto: http://financialcryptography.com/ From owner-freebsd-security@FreeBSD.ORG Tue Mar 8 14:16:30 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8899016A4CE for ; Tue, 8 Mar 2005 14:16:30 +0000 (GMT) Received: from saturn.criticalmagic.com (saturn.criticalmagic.com [64.74.124.105]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3898943D39 for ; Tue, 8 Mar 2005 14:16:30 +0000 (GMT) (envelope-from rcoleman@criticalmagic.com) Received: from [172.16.0.201] (adsl-34-204-197.asm.bellsouth.net [67.34.204.197]) by saturn.criticalmagic.com (Postfix) with ESMTP id 4BC8E3BD10; Tue, 8 Mar 2005 09:16:29 -0500 (EST) Message-ID: <422DB45E.2050900@criticalmagic.com> Date: Tue, 08 Mar 2005 09:19:10 -0500 From: Richard Coleman User-Agent: Mozilla Thunderbird 1.0 (Windows/20041206) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Ian G References: <999.1110223995@critter.freebsd.dk> <422D9B5E.3020303@iang.org> In-Reply-To: <422D9B5E.3020303@iang.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2005 14:16:30 -0000 Ian G wrote: > You might want to check out: > > http://www.av8n.com/turbid/paper/turbid.htm > > There is some controversy over the new FreeBSD /dev/random system, > is there any analysis of the system? I wasn't able to find anything > from a brief search. > > iang The FreeBSD /dev/random was originally based on the Yarrow paper that is given as a reference in the paper above. But I think the current implementation is more similar to to the version of Yarrow that is discussed in Bruce Schneier's "Practical Cryptography". I'm not sure if that is a coincidence or not. The paper mentioned above only briefly mentions Yarrow, and doesn't mention the FreeBSD implementation, so it's hard to compare the two. At first glance, both systems appear strong. Richard Coleman rcoleman@criticalmagic.com From owner-freebsd-security@FreeBSD.ORG Tue Mar 8 14:25:26 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6558316A4CE for ; Tue, 8 Mar 2005 14:25:26 +0000 (GMT) Received: from mail.gmx.net (mail.gmx.de [213.165.64.20]) by mx1.FreeBSD.org (Postfix) with SMTP id 2DA1843D5A for ; Tue, 8 Mar 2005 14:25:25 +0000 (GMT) (envelope-from michaelnottebrock@gmx.net) Received: (qmail invoked by alias); 08 Mar 2005 14:25:24 -0000 Received: from p508BD0D1.dip.t-dialin.net (EHLO lofi.dyndns.org) (80.139.208.209) by mail.gmx.net (mp003) with SMTP; 08 Mar 2005 15:25:24 +0100 X-Authenticated: #443188 Received: from kiste.my.domain (lofi@kiste.my.domain [192.168.8.4]) (authenticated bits=0) by lofi.dyndns.org (8.12.10/8.12.10) with ESMTP id j28EPImb093671 (version=TLSv1/SSLv3 cipher=RC4-MD5 bits=128 verify=NO); Tue, 8 Mar 2005 15:25:18 +0100 (CET) (envelope-from michaelnottebrock@gmx.net) From: Michael Nottebrock To: freebsd-security@freebsd.org Date: Tue, 8 Mar 2005 15:25:11 +0100 User-Agent: KMail/1.7.2 References: <20050307130330.GX9291@darkness.comp.waw.pl> <422CCB5B.80300@fer.hr> <422CDEC1.4090000@mac.com> In-Reply-To: <422CDEC1.4090000@mac.com> MIME-Version: 1.0 Content-Type: multipart/signed; boundary="nextPart61760854.UR4kukTaF1"; protocol="application/pgp-signature"; micalg=pgp-sha1 Content-Transfer-Encoding: 7bit Message-Id: <200503081525.16682.michaelnottebrock@gmx.net> X-Virus-Scanned: by amavisd-new X-Y-GMX-Trusted: 0 cc: Pawel Jakub Dawidek Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2005 14:25:26 -0000 --nextPart61760854.UR4kukTaF1 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline On Tuesday, 8. March 2005 00:07, Chuck Swiger wrote: > [ BTW, thanks, Pawel, this looks like a neat idea, even if it may not be > useable for all machines... ] The idea stems from the days when Noiseblasters where the peak of digital=20 audio for PCs... it's rather sad that now, years later, there's tendenciall= y=20 worse hardware being used as part of mobo-chipsets and recording noise is=20 still easier than recording an actual signal. In an ideal world, this idea= =20 wouldn't work. :-\ =46WIW, following the general idea of 'static makes good entropy', bktr(4) = could=20 be used as an entropy source as well. =2D-=20 ,_, | Michael Nottebrock | lofi@freebsd.org (/^ ^\) | FreeBSD - The Power to Serve | http://www.freebsd.org \u/ | K Desktop Environment on FreeBSD | http://freebsd.kde.org --nextPart61760854.UR4kukTaF1 Content-Type: application/pgp-signature -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.0 (FreeBSD) iD8DBQBCLbXMXhc68WspdLARAkJWAJ0UYSXovZeuBeznYRBsTumseyVS2wCfbC4E EbiTIbIdU30tbwokL5quiWE= =ixVE -----END PGP SIGNATURE----- --nextPart61760854.UR4kukTaF1-- From owner-freebsd-security@FreeBSD.ORG Tue Mar 8 15:25:29 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 660F116A4CE for ; Tue, 8 Mar 2005 15:25:29 +0000 (GMT) Received: from VARK.MIT.EDU (VARK.MIT.EDU [18.95.3.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id EC6A443D41 for ; Tue, 8 Mar 2005 15:25:28 +0000 (GMT) (envelope-from das@FreeBSD.ORG) Received: from VARK.MIT.EDU (localhost [127.0.0.1]) by VARK.MIT.EDU (8.13.3/8.13.1) with ESMTP id j28FOYq5002179; Tue, 8 Mar 2005 10:24:34 -0500 (EST) (envelope-from das@FreeBSD.ORG) Received: (from das@localhost) by VARK.MIT.EDU (8.13.3/8.13.1/Submit) id j28FOUWZ002178; Tue, 8 Mar 2005 10:24:30 -0500 (EST) (envelope-from das@FreeBSD.ORG) Date: Tue, 8 Mar 2005 10:24:30 -0500 From: David Schultz To: Richard Coleman Message-ID: <20050308152430.GA1999@VARK.MIT.EDU> Mail-Followup-To: Richard Coleman , Ian G , freebsd-security@FreeBSD.ORG References: <999.1110223995@critter.freebsd.dk> <422D9B5E.3020303@iang.org> <422DB45E.2050900@criticalmagic.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <422DB45E.2050900@criticalmagic.com> cc: freebsd-security@FreeBSD.ORG cc: Ian G Subject: Re: New entropy source proposal. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 08 Mar 2005 15:25:29 -0000 On Tue, Mar 08, 2005, Richard Coleman wrote: > Ian G wrote: > >You might want to check out: > > > >http://www.av8n.com/turbid/paper/turbid.htm > > > >There is some controversy over the new FreeBSD /dev/random system, > >is there any analysis of the system? I wasn't able to find anything > >from a brief search. > > > >iang > > The FreeBSD /dev/random was originally based on the Yarrow paper that is > given as a reference in the paper above. But I think the current > implementation is more similar to to the version of Yarrow that is > discussed in Bruce Schneier's "Practical Cryptography". I'm not sure if > that is a coincidence or not. > > The paper mentioned above only briefly mentions Yarrow, and doesn't > mention the FreeBSD implementation, so it's hard to compare the two. > > At first glance, both systems appear strong. There's also: http://www.usenix.org/publications/library/proceedings/bsdcon02/full_papers/murray/murray_html/ The only objection with it that I'm aware of is that the random device does not ordinarily block, which may make it vulnerable to side channel or cryptanalytic attacks. From owner-freebsd-security@FreeBSD.ORG Wed Mar 9 16:38:11 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4C55B16A4CE for ; Wed, 9 Mar 2005 16:38:11 +0000 (GMT) Received: from postfix4-1.free.fr (postfix4-1.free.fr [213.228.0.62]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4E14F43D2D for ; Wed, 9 Mar 2005 16:38:10 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98]) by postfix4-1.free.fr (Postfix) with ESMTP id B3D072B5BAF for ; Wed, 9 Mar 2005 17:38:08 +0100 (CET) Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000) id 139F5407C; Wed, 9 Mar 2005 17:38:06 +0100 (CET) Date: Wed, 9 Mar 2005 17:38:06 +0100 From: Jeremie Le Hen To: freebsd-security@FreeBSD.org Message-ID: <20050309163805.GB34822@obiwan.tataz.chchile.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.5.8i Subject: [djm@cvs.openbsd.org: OpenSSH 4.0 released] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 09 Mar 2005 16:38:11 -0000 ----- Forwarded message from Damien Miller ----- Subject: OpenSSH 4.0 released From: Damien Miller Date: Wed, 9 Mar 2005 02:54:13 -0700 (MST) To: announce@openbsd.org X-Original-To: jeremie@le-hen.org Delivered-To: tataz@tataz.chchile.org X-Loop: announce@openbsd.org Precedence: list OpenSSH 4.0 has just been released. It will be available from the mirrors listed at http://www.openssh.com/ shortly. OpenSSH is a 100% complete SSH protocol version 1.3, 1.5 and 2.0 implementation and includes sftp client and server support. We would like to thank the OpenSSH community for their continued support to the project, especially those who contributed source and bought T-shirts or posters. We have a new design of T-shirt available, more info on http://www.openbsd.org/tshirts.html#18 For international orders use http://https.openbsd.org/cgi-bin/order and for European orders, use http://https.openbsd.org/cgi-bin/order.eu Changes since OpenSSH 3.9: ============================ * ssh(1) now allows the optional specification of an address to bind to in port forwarding connections (local, remote and dynamic). Please refer to the documentation for the -L and -R options in the ssh(1) manual page and the LocalForward and RemoteForward options in the ssh_config(5) manpage. (Bugzilla #413) * To control remote bindings while retaining backwards compatibility, sshd(8)'s GatewayPorts option has been extended. To allow client specified bind addresses for remote (-R) port forwardings, the server must be configured with "GatewayPorts clientspecified". * ssh(1) and ssh-keyscan(1) now support hashing of host names and addresses added to known_hosts files, controlled by the ssh(1) HashKnownHosts configuration directive. This option improves user privacy by hiding which hosts have been visited. At present this option is off by default, but may be turned on once it receives sufficient testing. * Added options for managing keys in known_hosts files to ssh-keygen(1), including the ability to search for hosts by name, delete hosts by name and convert an unhashed known_hosts file into one with hashed names. These are particularly useful for managing known_hosts files with hashed hostnames. * Improve account and password expiry support in sshd(8). Ther server will now warn in advance for both account and password expiry. * sshd(8) will now log the source of connections denied by AllowUsers, DenyUsers, AllowGroups and DenyGroups (Bugzilla #909) * Added AddressFamily option to sshd(8) to allow global control over IPv4/IPv6 usage. (Bugzilla #989) * Improved sftp(1) client, including bugfixes and optimisations for the ``ls'' command and command history and editing support using libedit. * Improved the handling of bad data in authorized_keys files, eliminating fatal errors on corrupt or very large keys. (Bugzilla #884) * Improved connection multiplexing support in ssh(1). Several bugs have been fixed and a new "command mode" has been added to allow the control of a running multiplexing master connection, including checking that it is up, determining its PID and asking it to exit. * Have scp(1) and sftp(1) wait for the spawned ssh to exit before they exit themselves. This prevents ssh from being unable to restore terminal modes (not normally a problem on OpenBSD but common with -Portable on POSIX platforms). (Bugzilla #950) * Portable OpenSSH: - Add *EXPERIMENTAL* BSM audit support for Solaris systems (Bugzilla #125) - Enable IPv6 on AIX where possible (see README.platform for details), working around a misfeature of AIX's getnameinfo. (Bugzilla #835) - Teach sshd(8) to write failed login records to btmp for unsuccessful auth attempts. Currently this is only for password, keyboard-interactive and challenge/response authentication methods and only on Linux and HP-UX. - sshd(8) now sends output from failing PAM session modules to the user before exiting, similar to the way /etc/nologin is handled - Store credentials from gssapi-with-mic authentication early enough to be available to PAM session modules when privsep=yes. Checksums: ========== - MD5 (openssh-4.0.tgz) = 7dbf15fe7c294672e8822127f50107d0 - MD5 (openssh-4.0p1.tar.gz) = 122bec49d2cace00b71cc29b5ececed3 Reporting Bugs: =============== - please read http://www.openssh.com/report.html and http://bugzilla.mindrot.org/ OpenSSH is brought to you by Markus Friedl, Niels Provos, Theo de Raadt, Kevin Steves, Damien Miller, Ben Lindstrom, Darren Tucker and Tim Rice. ----- End forwarded message ----- -- Jeremie Le Hen < jeremie at le-hen dot org || ttz at chchile dot org > From owner-freebsd-security@FreeBSD.ORG Fri Mar 11 15:29:52 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1CB9916A4CF; Fri, 11 Mar 2005 15:29:52 +0000 (GMT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id E060D43D31; Fri, 11 Mar 2005 15:29:51 +0000 (GMT) (envelope-from csjp@FreeBSD.org) Received: from freefall.freebsd.org (csjp@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j2BFTpe1090368; Fri, 11 Mar 2005 15:29:51 GMT (envelope-from csjp@freefall.freebsd.org) Received: (from csjp@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j2BFTpBC090367; Fri, 11 Mar 2005 15:29:51 GMT (envelope-from csjp) Date: Fri, 11 Mar 2005 15:29:51 +0000 From: "Christian S.J. Peron" To: freebsd-security@freebsd.org Message-ID: <20050311152951.GA90290@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline User-Agent: Mutt/1.4.2.1i X-Mailman-Approved-At: Sat, 12 Mar 2005 13:37:19 +0000 cc: freebsd-hackers@freebsd.org Subject: FreeBSD trusted execution system: beta testers wanted X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 11 Mar 2005 15:29:52 -0000 All, I have written a trusted execution module and would appreciate if anyone could help in testing. This module provides a functionality similar to NetBSD's verified exec mechanism. Once the design details of this security policy has been solidified, I will be releasing a white paper which describes the technical implementation in greater detail. The mac_chkexec policy logic can be found here: http://people.freebsd.org/~csjp/mac/trustedexec.png Q: What is mac_chkexec? A: It's a mandatory access control policy which ensures that if the code contained in a binary, shell script, shared object or kernel module has been modified from it's "trusted" form, it can not be executed. It also ensures that untrusted code can not be executed. I.E. If an adversary uploads an agent or rogue program, it should not be executed. In addition, dependencies are supported. Since configuration files, system databases or other files can alter how a program runs, it is possible to make the policy verify the integrity of these dependencies before allowing the execution of the object. Q: What is required to run mac_chkexec? A: This policy requires that options MAC be compiled into your kernel. Since it depends on extended attributes for dependency and checksum storage, it also requires UFS2. This security policy requires FreeBSD 5.X Q: How do I set this up and test it? A: cd /usr/src/sys fetch http://people.freebsd.org/~csjp/mac/mac_vnode_mmap.1106783302.diff patch < mac_vnode_mmap.1106783302.diff NOTE: Patch should work against -CURRENT or RELENG_5 Add the following line to your kernel config: options MAC Now Recompile and install your kernel. Download, build and install the mac_chkexec kernel module: fetch http://people.freebsd.org/~csjp/mac/mac_chkexec.1110510616.tar.gz tar zxvf mac_chkexec.1110510616.tar.gz cd mac_chkexec make make install The policy can be loaded using: kldload mac_chkexec Download, build and install the set{get}fhash user-space utility: cd /usr/src/usr.sbin fetch http://people.freebsd.org/~csjp/mac/getfhash.1110501625.shar sh getfhash.1110501625.shar cd getfhash make make install ln -s /usr/sbin/getfhash /usr/sbin/setfhash Q: I have everything installed, how do I generate my baseline? A: Easy, load the module and run your system like you would any other day. By default when you load the module without "enforcing" the policy, the trusted exec system is in "learning" mode. Which means anytime an object gets executed, a checksum is computed and stored with the object. If you do not want to wait for nature to take it course, you can always force the calculation and storage of checksums using setfhash. setfhash /bin/ls Q: How can I see what checksum is currently registered for an object? A: getfhash /bin/ls Q: How can I set dependencies for an object? A: setfhash -m /etc/rc.firewall /bin/ipfw Executables can have more then one dependency. You can use a colon to separate them: setfhash -m /path/foo:/path/foo/test /bin/ls NOTE: DEPENDENCIES PATHNAMES ARE RELATIVE TO THE CALLING PROCESS WITH COMPLICATES THINGS IS CHROOT OR JAIL ENVIRONMENTS. Q: OK, I've generated my baseline, now how do I start enforcing the policy? A: sysctl security.mac.chkexec.enforce=1 NOTE: If you plan on doing a buildworld, you might want to increase the cache size to something like 1024 sysctl security.mac.chkexec.cache.objmax=1024 Good luck & Thanks! -- Christian S.J. Peron csjp@FreeBSD.ORG FreeBSD Committer From owner-freebsd-security@FreeBSD.ORG Sat Mar 12 23:06:25 2005 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E346E16A4CE; Sat, 12 Mar 2005 23:06:25 +0000 (GMT) Received: from mail06.syd.optusnet.com.au (mail06.syd.optusnet.com.au [211.29.132.187]) by mx1.FreeBSD.org (Postfix) with ESMTP id C108643D5C; Sat, 12 Mar 2005 23:06:24 +0000 (GMT) (envelope-from PeterJeremy@optushome.com.au) Received: from cirb503493.alcatel.com.au (c211-30-75-229.belrs2.nsw.optusnet.com.au [211.30.75.229]) j2CN6Mo8032318 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Sun, 13 Mar 2005 10:06:23 +1100 Received: from cirb503493.alcatel.com.au (localhost.alcatel.com.au [127.0.0.1])j2CN6L7l023341; Sun, 13 Mar 2005 10:06:21 +1100 (EST) (envelope-from pjeremy@cirb503493.alcatel.com.au) Received: (from pjeremy@localhost)j2CN6L8W023340; Sun, 13 Mar 2005 10:06:21 +1100 (EST) (envelope-from pjeremy) Date: Sun, 13 Mar 2005 10:06:21 +1100 From: Peter Jeremy To: "Christian S.J. Peron" Message-ID: <20050312230621.GA17852@cirb503493.alcatel.com.au> References: <20050311152951.GA90290@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050311152951.GA90290@freefall.freebsd.org> User-Agent: Mutt/1.4.2i cc: freebsd-security@freebsd.org cc: freebsd-hackers@freebsd.org Subject: Re: FreeBSD trusted execution system: beta testers wanted X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 12 Mar 2005 23:06:26 -0000 On Fri, 2005-Mar-11 15:29:51 +0000, Christian S.J. Peron wrote: >I have written a trusted execution module and would appreciate if anyone could >help in testing. This module provides a functionality similar to NetBSD's >verified exec mechanism. Once the design details of this security policy has >been solidified, I will be releasing a white paper which describes the >technical implementation in greater detail. Sounds good. > Download, build and install the mac_chkexec kernel module: > > fetch http://people.freebsd.org/~csjp/mac/mac_chkexec.1110510616.tar.gz > tar zxvf mac_chkexec.1110510616.tar.gz > cd mac_chkexec > make > make install Unfortunately, the existing file is incompatible with the "standard" kernel building process. The instructions above seem to work but since it's a separate step from buildkernel/installkernel, I'm sure to forget it at some time. If I unpack it into /sys/modules and add "SUBDIR += mac_chkexec" to /sys/modules/Makefile - it blows up with: ===> mac_chkexec @ -> /usr/src/sys machine -> /usr/src/sys/i386/include awk -f @/tools/vnode_if.awk @/kern/vnode_if.src -h rm -f .depend mkdep -f .depend -a -nostdinc -I/usr/src/sys/crypto -D_KERNEL -DKLD_MODULE -I- -I/usr/src/sys/crypto -I. -I@ -I@/contrib/altq -I@/../include -I/usr/obj/usr/src/i386/usr/include -I/usr/obj/usr/src/sys/fwall /usr/src/sys/crypto//sha1.c /usr/src/sys/modules/mac_chkexec/mac_chkexec.c /usr/src/sys/modules/mac_chkexec/mac_chkexec.c:61:25: mac_chkexec.h: No such file or directory mkdep: compile failed *** Error code 1 I also notice that the Makefile has /usr/src/sys hard-coded into it. Can I suggest the following patch: server# diff -u Makefile~ Makefile --- Makefile~ Fri Mar 11 14:09:20 2005 +++ Makefile Sun Mar 13 09:56:42 2005 @@ -1,5 +1,5 @@ -.PATH: /usr/src/sys/crypto/ -CFLAGS+= -I/usr/src/sys/crypto +.PATH: ${.CURDIR}/../../crypto +CFLAGS+= -I${.CURDIR} -I${.CURDIR}/../../crypto KMOD= mac_chkexec SRCS= vnode_if.h \ server# -- Peter Jeremy