From owner-freebsd-security@FreeBSD.ORG Tue Feb 21 01:08:15 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 85FB116A420 for ; Tue, 21 Feb 2006 01:08:15 +0000 (GMT) (envelope-from artifact.one@googlemail.com) Received: from xproxy.gmail.com (xproxy.gmail.com [66.249.82.199]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2279D43D4C for ; Tue, 21 Feb 2006 01:08:15 +0000 (GMT) (envelope-from artifact.one@googlemail.com) Received: by xproxy.gmail.com with SMTP id s16so786867wxc for ; Mon, 20 Feb 2006 17:08:14 -0800 (PST) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=googlemail.com; h=received:message-id:date:from:to:subject:mime-version:content-type:content-transfer-encoding:content-disposition; b=GCOCK5+SsfdpOuRgc3TOMdAcOQnLQ8lZ9sRE5PD443rpBaXzTLPq4OhXm2AqVh9waxCPZgQka3gGzSHudlXrIh6ZhdrgTnd0GcPMCoGwzdKSoOvg+p4u83QQEpUaG1V9z/LEzT57RKg/T5+Tkmn6XBh7lTYj2swc5Y1xQkTjJc4= Received: by 10.70.21.19 with SMTP id 19mr4178253wxu; Mon, 20 Feb 2006 17:08:14 -0800 (PST) Received: by 10.70.24.9 with HTTP; Mon, 20 Feb 2006 17:08:14 -0800 (PST) Message-ID: <8e96a0b90602201708o17e9f206gaffc410f66b53b5c@mail.gmail.com> Date: Tue, 21 Feb 2006 01:08:14 +0000 From: "mal content" To: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-1 Content-Transfer-Encoding: quoted-printable Content-Disposition: inline X-Mailman-Approved-At: Tue, 21 Feb 2006 01:28:11 +0000 Subject: GELI slice encryption X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Feb 2006 01:08:15 -0000 Hello. I have been investigating a 'secure' Firefox solution. The cache, history and other files are kept on an encrypted slice and swap is encrypted also. The problem I am having is that I know the shell commands required to unmount /tmp, create providers with GELI with one-time keys, remount /tmp, activate swap etc. but I don't know the correct way to get this done automatically on boot. (I'd also like to submit a patch to the manual page to show how to create an encrypted /tmp partition, but that comes later!). thanks, a1 From owner-freebsd-security@FreeBSD.ORG Tue Feb 21 07:50:00 2006 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 712D716A420 for ; Tue, 21 Feb 2006 07:50:00 +0000 (GMT) (envelope-from arne_woerner@yahoo.com) Received: from web30307.mail.mud.yahoo.com (web30307.mail.mud.yahoo.com [68.142.200.100]) by mx1.FreeBSD.org (Postfix) with SMTP id ED6DA43D45 for ; Tue, 21 Feb 2006 07:49:59 +0000 (GMT) (envelope-from arne_woerner@yahoo.com) Received: (qmail 34651 invoked by uid 60001); 21 Feb 2006 07:49:59 -0000 DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=s1024; d=yahoo.com; h=Message-ID:Received:Date:From:Subject:To:In-Reply-To:MIME-Version:Content-Type:Content-Transfer-Encoding; b=s1+8TQZ0+Y6rRXKemy39J8SRTACOx6Ez2OKvCBQOxO+o4YIy+X2WFV7DminYO65IGBLXN/qHwYD59C9myTCXgV7Knejlt7qPMzisqt3jbEjFkZTuY3ziC6l1nHbibSMFSVRD4uSoae5RUf69vnzVgVRpaMM0leSOD6sO+tU8g2o= ; Message-ID: <20060221074959.34649.qmail@web30307.mail.mud.yahoo.com> Received: from [213.54.71.90] by web30307.mail.mud.yahoo.com via HTTP; Mon, 20 Feb 2006 23:49:59 PST Date: Mon, 20 Feb 2006 23:49:59 -0800 (PST) From: Arne Woerner To: mal content , freebsd-security@freebsd.org In-Reply-To: <8e96a0b90602201708o17e9f206gaffc410f66b53b5c@mail.gmail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: 8bit Cc: Subject: Re: GELI slice encryption X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 21 Feb 2006 07:50:00 -0000 --- mal content wrote: > remount /tmp, activate swap etc. but I don't know the correct > way to get this done automatically on boot. > Maybe a look into /etc/rc.d/geli /etc/rc.d/geli2 /etc/defaults/rc.conf (search for geli) gives u the necessary information? Bye Arne __________________________________________________ Do You Yahoo!? Tired of spam? Yahoo! Mail has the best spam protection around http://mail.yahoo.com From owner-freebsd-security@FreeBSD.ORG Fri Feb 24 12:23:32 2006 Return-Path: X-Original-To: FreeBSD-security@FreeBSD.org Delivered-To: FreeBSD-security@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 33D0316A420 for ; Fri, 24 Feb 2006 12:23:32 +0000 (GMT) (envelope-from hygor@vipway.com.br) Received: from poseidon.vipway.com.br (poseidon.vipway.com.br [200.210.198.140]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3AE3343D45 for ; Fri, 24 Feb 2006 12:23:30 +0000 (GMT) (envelope-from hygor@vipway.com.br) Received: (qmail 92743 invoked from network); 24 Feb 2006 09:26:25 -0000 Received: from 200.210.198.135 by poseidon.vipway.com.br (envelope-from , uid 82) with qmail-scanner-1.25 (uvscan: v4.4.00/v4587. spamassassin: 3.1.0. Clear:RC:1(200.210.198.135):. Processed in 0.889925 secs); 24 Feb 2006 09:26:25 -0000 Received: from unknown (HELO ?172.16.0.9?) (200.210.198.135) by poseidon.vipway.com.br with SMTP; 24 Feb 2006 09:26:23 -0000 Message-ID: <43FEFAC0.4080209@vipway.com.br> Date: Fri, 24 Feb 2006 09:23:28 -0300 From: Hygor Cavalcante User-Agent: Thunderbird 1.5 (X11/20060213) MIME-Version: 1.0 To: FreeBSD-security@FreeBSD.org Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Subject: (no subject) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 24 Feb 2006 12:23:32 -0000