From owner-cvs-all@FreeBSD.ORG  Wed Feb  4 11:49:41 2004
Return-Path: <owner-cvs-all@FreeBSD.ORG>
Delivered-To: cvs-all@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP
	id 4676C16A4CE; Wed,  4 Feb 2004 11:49:41 -0800 (PST)
Received: from milla.ask33.net (milla.ask33.net [217.197.166.60])
	by mx1.FreeBSD.org (Postfix) with ESMTP
	id 7D89A43D53; Wed,  4 Feb 2004 11:49:29 -0800 (PST)
	(envelope-from nick@milla.ask33.net)
Received: by milla.ask33.net (Postfix, from userid 1001)
	id 8F84F3ABB5D; Wed,  4 Feb 2004 20:51:22 +0100 (CET)
Date: Wed, 4 Feb 2004 20:51:22 +0100
From: Pawel Jakub Dawidek <pjd@FreeBSD.org>
To: Dag-Erling Smorgrav <des@FreeBSD.org>
Message-ID: <20040204195122.GH14639@garage.freebsd.pl>
References: <200402041553.i14Fro7E077632@repoman.freebsd.org>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
	protocol="application/pgp-signature"; boundary="AqCDj3hiknadvR6t"
Content-Disposition: inline
In-Reply-To: <200402041553.i14Fro7E077632@repoman.freebsd.org>
X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc
X-OS: FreeBSD 4.8-RELEASE-p13 i386
X-URL: http://garage.freebsd.pl
User-Agent: Mutt/1.5.1i
cc: cvs-src@FreeBSD.org
cc: src-committers@FreeBSD.org
cc: cvs-all@FreeBSD.org
Subject: Re: cvs commit: src/etc/rc.d gbde_swap
X-BeenThere: cvs-all@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: CVS commit messages for the entire tree <cvs-all.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/cvs-all>
List-Post: <mailto:cvs-all@freebsd.org>
List-Help: <mailto:cvs-all-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/cvs-all>,
	<mailto:cvs-all-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 04 Feb 2004 19:49:41 -0000


--AqCDj3hiknadvR6t
Content-Type: text/plain; charset=iso-8859-2
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Feb 04, 2004 at 07:53:50AM -0800, Dag-Erling Smorgrav wrote:
+>   Commiter:	Dag-Erling Smorgrav <des@FreeBSD.org>
+>   Branch:	HEAD
+>=20
+>   Files:
+> 	1.2   src/etc/rc.d/gbde_swap =20
+>=20
+>   Log:
+>   We don't really need a lockfile, and most likely can't create one at
+>   this point.

I'm not sure, that giving a passphrase as an argument is safe.
Maybe it is at boot time (but it is still doubtful), but scripts from
/etc/rc.d/ are intended to run after boot as well and here it is obviously
insecure.

We should better implement -k/-K options for gbde(8), that will allow getti=
ng
passphrase from a file or standard input.

--=20
Pawel Jakub Dawidek                       http://www.FreeBSD.org
pjd@FreeBSD.org                           http://garage.freebsd.pl
FreeBSD committer                         Am I Evil? Yes, I Am!

--AqCDj3hiknadvR6t
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.7 (FreeBSD)

iD8DBQFAIU06ForvXbEpPzQRAj4TAJ9Ui98jHoutLEnyW7LwSYtNG9lNzwCg0K68
GRAkOh5Yo4ZigdRwXq4p+Ho=
=2WmL
-----END PGP SIGNATURE-----

--AqCDj3hiknadvR6t--