From owner-freebsd-security@FreeBSD.ORG Sun Jul 24 18:19:14 2005 Return-Path: X-Original-To: freebsd-security@FreeBSD.org Delivered-To: freebsd-security@FreeBSD.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B15F716A41F; Sun, 24 Jul 2005 18:19:14 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id 15D6F43D46; Sun, 24 Jul 2005 18:19:14 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id C0D35ACAE0; Sun, 24 Jul 2005 20:19:12 +0200 (CEST) Date: Sun, 24 Jul 2005 20:19:12 +0200 From: Pawel Jakub Dawidek To: Poul-Henning Kamp Message-ID: <20050724181912.GO46538@darkness.comp.waw.pl> References: <20050724135738.GM46538@darkness.comp.waw.pl> <64009.1122213962@phk.freebsd.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="KooJrfvDkviRNGvv" Content-Disposition: inline In-Reply-To: <64009.1122213962@phk.freebsd.dk> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 Cc: src-committers@FreeBSD.org, "Andrey A. Chernov" , cvs-src@FreeBSD.org, cvs-all@FreeBSD.org, freebsd-security@FreeBSD.org, Colin Percival Subject: Re: cvs commit: src/games/fortune/fortune fortune.c X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Jul 2005 18:19:15 -0000 --KooJrfvDkviRNGvv Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Sun, Jul 24, 2005 at 04:06:02PM +0200, Poul-Henning Kamp wrote: +> In message <20050724135738.GM46538@darkness.comp.waw.pl>, Pawel Jakub Da= widek writes: +>=20 +> >We should probably test entropy quality on boot. +> >I've somewhere userland version of /sys/dev/rndtest/ which implements +> >FIPS140-2 tests for (P)RNGs. We can use put it into rc.d/ and warn user= s. +>=20 +> We also need to put code into exec(2) to verify that the binary we're ab= out +> to execute does not suffer from Turings halting problem (ie: contains no +> endless loops)=20 +>=20 +> We might as well inspect for buffer overflows at the same time. +>=20 +> Anyway, back in this universe: We should not stick a lot of stuff into +> our boot-time scripts, they are slow enough already. I think such a tool will be still useful (even if not turned on by default), so one can turn it on when thinks it's needed: - on production machines, - on first start of rc.d/sshd (when you host keys are generated), - when you need to check if PRNG is the thing which makes your fortune not to work properly (or instrument the user how to do it easly). etc. We (FreeBSD) did a lot of work to have really good PRNG, so its sucks when it just doesn't work. PS. CCing freebsd-security@. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --KooJrfvDkviRNGvv Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFC49ugForvXbEpPzQRAuA3AKDSdLbn/1r1OTLqK2SBImZAgUX/yQCdHHuE y683EjdBYjoc4QhQhvID/8g= =5f5C -----END PGP SIGNATURE----- --KooJrfvDkviRNGvv-- From owner-freebsd-security@FreeBSD.ORG Sun Jul 24 18:34:08 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2376816A41F; Sun, 24 Jul 2005 18:34:08 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd3mo2so.prod.shaw.ca (shawidc-mo1.cg.shawcable.net [24.71.223.10]) by mx1.FreeBSD.org (Postfix) with ESMTP id B258A43D4C; Sun, 24 Jul 2005 18:34:07 +0000 (GMT) (envelope-from cperciva@freebsd.org) Received: from pd5mr5so.prod.shaw.ca (pd5mr5so-qfe3.prod.shaw.ca [10.0.141.181]) by l-daemon (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IK500894A8VOU50@l-daemon>; Sun, 24 Jul 2005 12:34:07 -0600 (MDT) Received: from pn2ml1so.prod.shaw.ca ([10.0.121.145]) by pd5mr5so.prod.shaw.ca (Sun ONE Messaging Server 6.0 HotFix 1.01 (built Mar 15 2004)) with ESMTP id <0IK500J55A8VI8F0@pd5mr5so.prod.shaw.ca>; Sun, 24 Jul 2005 12:34:07 -0600 (MDT) Received: from [192.168.0.60] (S0106006067227a4a.vc.shawcable.net [24.87.209.6]) by l-daemon (iPlanet Messaging Server 5.2 HotFix 1.18 (built Jul 28 2003)) with ESMTP id <0IK50090OA8U7E@l-daemon>; Sun, 24 Jul 2005 12:34:07 -0600 (MDT) Date: Sun, 24 Jul 2005 11:34:06 -0700 From: Colin Percival In-reply-to: <20050724181912.GO46538@darkness.comp.waw.pl> To: Pawel Jakub Dawidek Message-id: <42E3DF1E.9040405@freebsd.org> MIME-version: 1.0 Content-type: text/plain; charset=ISO-8859-1 Content-transfer-encoding: 7bit X-Accept-Language: en-us, en References: <20050724135738.GM46538@darkness.comp.waw.pl> <64009.1122213962@phk.freebsd.dk> <20050724181912.GO46538@darkness.comp.waw.pl> User-Agent: Mozilla Thunderbird 1.0.5 (X11/20050714) Cc: Poul-Henning Kamp , freebsd-security@freebsd.org Subject: Re: cvs commit: src/games/fortune/fortune fortune.c X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Jul 2005 18:34:08 -0000 Pawel Jakub Dawidek wrote: > On Sun, Jul 24, 2005 at 04:06:02PM +0200, Poul-Henning Kamp wrote: > +> In message <20050724135738.GM46538@darkness.comp.waw.pl>, Pawel Jakub Dawidek writes: > +> >We should probably test entropy quality on boot. > +> >I've somewhere userland version of /sys/dev/rndtest/ which implements > +> >FIPS140-2 tests for (P)RNGs. We can use put it into rc.d/ and warn users. > +> > +> Anyway, back in this universe: We should not stick a lot of stuff into > +> our boot-time scripts, they are slow enough already. > > I think such a tool will be still useful (even if not turned on by default), > so one can turn it on when thinks it's needed: > - on production machines, > - on first start of rc.d/sshd (when you host keys are generated), > - when you need to check if PRNG is the thing which makes your fortune > not to work properly (or instrument the user how to do it easly). I think this would be more dangerous than valuable. "Most" failure modes of modern PRNGs will result in output which is cryptographically predictable but passes all known statistical tests. (To take a trivial example, the sequence MD5(0), MD5(1), MD5(2) ... looks random, but obviously isn't.) If we want to determine if the PRNG has been seeded properly, we should be querying the kernel, not trying to distinguish between "random" and "non-random" just based on its output. Colin Percival From owner-freebsd-security@FreeBSD.ORG Mon Jul 25 00:52:02 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3B23A16A41F for ; Mon, 25 Jul 2005 00:52:02 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: from mail1.fluidhosting.com (mail1.fluidhosting.com [204.14.90.61]) by mx1.FreeBSD.org (Postfix) with SMTP id 31A0443D48 for ; Mon, 25 Jul 2005 00:52:01 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: (qmail 47868 invoked by uid 399); 25 Jul 2005 00:52:00 -0000 Received: from mail1.fluidhosting.com (66.150.201.101) by mail1.fluidhosting.com with SMTP; 25 Jul 2005 00:52:00 -0000 Received: (qmail 91437 invoked by uid 399); 25 Jul 2005 00:51:59 -0000 Received: from unknown (HELO ?192.168.15.101?) (dougb@dougbarton.net@67.20.70.103) by mail1.fluidhosting.com with SMTP; 25 Jul 2005 00:51:59 -0000 Message-ID: <42E437AA.1050307@FreeBSD.org> Date: Sun, 24 Jul 2005 17:51:54 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050722) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Colin Percival References: <20050724135738.GM46538@darkness.comp.waw.pl> <64009.1122213962@phk.freebsd.dk> <20050724181912.GO46538@darkness.comp.waw.pl> <42E3DF1E.9040405@freebsd.org> In-Reply-To: <42E3DF1E.9040405@freebsd.org> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: Poul-Henning Kamp , Pawel Jakub Dawidek , freebsd-security@freebsd.org Subject: Re: cvs commit: src/games/fortune/fortune fortune.c X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jul 2005 00:52:02 -0000 Colin Percival wrote: > I think this would be more dangerous than valuable. "Most" failure modes of > modern PRNGs will result in output which is cryptographically predictable but > passes all known statistical tests. (To take a trivial example, the sequence > MD5(0), MD5(1), MD5(2) ... looks random, but obviously isn't.) > > If we want to determine if the PRNG has been seeded properly, we should be > querying the kernel, not trying to distinguish between "random" and "non-random" > just based on its output. I put the following in my /etc/rc.local file to try and do some detective work on the fortune issue: sysctl kern.random.sys.seeded >> ${TMPDIR:-/tmp}/sysctl.out If others are seeing apparent problems with randomness issues on startup this might be a useful diagnostic for them as well. FWIW, I cranked up the entropy save function on my laptop to the following values: entropy_save_sz="4096" # Size of the entropy cache files. entropy_save_num="17" # Number of entropy cache files to save. And haven't seen any problems with repetitive fortunes in the last 2 days. Since storage of these files is pretty painless, I'm tempted to crank this up in /etc/defaults/rc.conf. Opinions? Doug -- This .signature sanitized for your protection From owner-freebsd-security@FreeBSD.ORG Mon Jul 25 11:42:01 2005 Return-Path: X-Original-To: freebsd-security@FreeBSD.ORG Delivered-To: freebsd-security@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 16EB116A41F for ; Mon, 25 Jul 2005 11:42:01 +0000 (GMT) (envelope-from des@des.no) Received: from tim.des.no (tim.des.no [194.63.250.121]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8E3D943D4C for ; Mon, 25 Jul 2005 11:42:00 +0000 (GMT) (envelope-from des@des.no) Received: from tim.des.no (localhost [127.0.0.1]) by spam.des.no (Postfix) with ESMTP id 315CE6144; Mon, 25 Jul 2005 13:41:54 +0200 (CEST) Received: from xps.des.no (des.no [80.203.228.37]) by tim.des.no (Postfix) with ESMTP id 1F71B610B; Mon, 25 Jul 2005 13:41:54 +0200 (CEST) Received: by xps.des.no (Postfix, from userid 1001) id 0D47C33D57; Mon, 25 Jul 2005 13:41:54 +0200 (CEST) To: Garrett Wollman References: <42DCC503.5000408@ludd.ltu.se> <20050719213356.GA1614@gothmog.gr> <20050721101331.GB854@trit.org> <24999.192.35.35.35.1121959413.squirrel@192.35.35.35> <20050721155241.GA20438@frontfree.net> <6.2.1.2.2.20050721122658.038f8508@mail.rfnj.org> <17119.53059.856310.876840@khavrinen.csail.mit.edu> From: des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) Date: Mon, 25 Jul 2005 13:41:53 +0200 In-Reply-To: <17119.53059.856310.876840@khavrinen.csail.mit.edu> (Garrett Wollman's message of "Thu, 21 Jul 2005 12:37:23 -0400") Message-ID: <86iryz6rjy.fsf@xps.des.no> User-Agent: Gnus/5.110002 (No Gnus v0.2) Emacs/21.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Tests: ALL_TRUSTED,AWL,BAYES_00 X-Spam-Learn: ham X-Spam-Score: -5.2/5.0 X-Spam-Checker-Version: SpamAssassin 3.0.4 (2005-06-05) on tim.des.no Cc: freebsd-security@FreeBSD.ORG, asym Subject: Re: Adding OpenBSD sudo to the FreeBSD base system? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jul 2005 11:42:01 -0000 Garrett Wollman writes: > su(8) already has the behavior you want. (Now implemented in a PAM > module, and I forget the precise details.) You're probably thinking of the auth_as_self option in pam_unix(8). It was introduced by Mark four years ago. However, what sudo(1) has that su(8) lacks is the ability to control which commands the user is allowed to execute with elevated privileges. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Mon Jul 25 16:22:26 2005 Return-Path: X-Original-To: freebsd-security@FreeBSD.ORG Delivered-To: freebsd-security@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EA45D16A41F; Mon, 25 Jul 2005 16:22:26 +0000 (GMT) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (nagual.pp.ru [194.87.13.69]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3E1A743D46; Mon, 25 Jul 2005 16:22:26 +0000 (GMT) (envelope-from ache@nagual.pp.ru) Received: from nagual.pp.ru (ache@localhost [127.0.0.1]) by nagual.pp.ru (8.13.4/8.13.4) with ESMTP id j6PGMOla093442; Mon, 25 Jul 2005 20:22:24 +0400 (MSD) (envelope-from ache@nagual.pp.ru) Received: (from ache@localhost) by nagual.pp.ru (8.13.4/8.13.4/Submit) id j6PGMOZN093441; Mon, 25 Jul 2005 20:22:24 +0400 (MSD) (envelope-from ache) Date: Mon, 25 Jul 2005 20:22:24 +0400 From: Andrey Chernov To: Doug Barton Message-ID: <20050725162224.GA93242@nagual.pp.ru> Mail-Followup-To: Andrey Chernov , Doug Barton , Colin Percival , Poul-Henning Kamp , Pawel Jakub Dawidek , freebsd-security@FreeBSD.ORG References: <20050724135738.GM46538@darkness.comp.waw.pl> <64009.1122213962@phk.freebsd.dk> <20050724181912.GO46538@darkness.comp.waw.pl> <42E3DF1E.9040405@freebsd.org> <42E437AA.1050307@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <42E437AA.1050307@FreeBSD.org> User-Agent: Mutt/1.5.9i Cc: Poul-Henning Kamp , Pawel Jakub Dawidek , Colin Percival , freebsd-security@FreeBSD.ORG Subject: Re: cvs commit: src/games/fortune/fortune fortune.c X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jul 2005 16:22:27 -0000 On Sun, Jul 24, 2005 at 05:51:54PM -0700, Doug Barton wrote: > entropy_save_num="17" # Number of entropy cache files to save. > > And haven't seen any problems with repetitive fortunes in the last 2 days. Could you inspect old saved entries in setup when the bug is active? Are they the same across reboot? If no, it is dangerous too (probably bug in kernel random.c). As I read the code, even single _different_ byte will be enough to seed /dev/random to different values. -- http://ache.pp.ru/ From owner-freebsd-security@FreeBSD.ORG Mon Jul 25 18:39:52 2005 Return-Path: X-Original-To: freebsd-security@FreeBSD.ORG Delivered-To: freebsd-security@FreeBSD.ORG Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AE45816A41F for ; Mon, 25 Jul 2005 18:39:52 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: from mail1.fluidhosting.com (mail1.fluidhosting.com [204.14.90.61]) by mx1.FreeBSD.org (Postfix) with SMTP id 3C41943D4C for ; Mon, 25 Jul 2005 18:39:51 +0000 (GMT) (envelope-from dougb@FreeBSD.org) Received: (qmail 89460 invoked by uid 399); 25 Jul 2005 18:39:50 -0000 Received: from mail1.fluidhosting.com (66.150.201.101) by mail1.fluidhosting.com with SMTP; 25 Jul 2005 18:39:50 -0000 Received: (qmail 77039 invoked by uid 399); 25 Jul 2005 18:39:50 -0000 Received: from unknown (HELO ?192.168.15.100?) (dougb@dougbarton.net@67.20.70.103) by mail1.fluidhosting.com with SMTP; 25 Jul 2005 18:39:50 -0000 Message-ID: <42E531F4.8000300@FreeBSD.org> Date: Mon, 25 Jul 2005 11:39:48 -0700 From: Doug Barton Organization: http://www.FreeBSD.org/ User-Agent: Mozilla Thunderbird 1.0.6 (X11/20050722) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Andrey Chernov References: <20050724135738.GM46538@darkness.comp.waw.pl> <64009.1122213962@phk.freebsd.dk> <20050724181912.GO46538@darkness.comp.waw.pl> <42E3DF1E.9040405@freebsd.org> <42E437AA.1050307@FreeBSD.org> <20050725162224.GA93242@nagual.pp.ru> In-Reply-To: <20050725162224.GA93242@nagual.pp.ru> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Cc: freebsd-security@FreeBSD.ORG, Pawel Jakub Dawidek , Colin Percival Subject: Re: cvs commit: src/games/fortune/fortune fortune.c X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Jul 2005 18:39:52 -0000 Andrey Chernov wrote: > On Sun, Jul 24, 2005 at 05:51:54PM -0700, Doug Barton wrote: > >>entropy_save_num="17" # Number of entropy cache files to save. >> >>And haven't seen any problems with repetitive fortunes in the last 2 days. > > > Could you inspect old saved entries in setup when the bug is active? Are > they the same across reboot? I'm sorry, I don't quite understand this question. When I was seeing the problem before, I would see the same fortune about 8 out of 10 times. Now I am seeing different ones each time. It also occurs to me that I changed two things at the same time, which has muddied the water a bit. In addition to beefing up my saved entropy, I also removed an old fortunes2 file, which is where the fortune I was seeing most came from. I'm not sure _why_ that would have caused this problem, or if it did, but wit the combination of the two "solutions," my problem is solved. hth, Doug -- This .signature sanitized for your protection From owner-freebsd-security@FreeBSD.ORG Wed Jul 27 08:50:55 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8906E16A420; Wed, 27 Jul 2005 08:50:55 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id DBE5043D48; Wed, 27 Jul 2005 08:50:54 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j6R8osPc080308; Wed, 27 Jul 2005 08:50:54 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j6R8osRK080306; Wed, 27 Jul 2005 08:50:54 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 27 Jul 2005 08:50:54 GMT Message-Id: <200507270850.j6R8osRK080306@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-05:18.zlib X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jul 2005 08:50:55 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:18.zlib Security Advisory The FreeBSD Project Topic: Buffer overflow in zlib Category: core Module: libz Announced: 2005-07-27 Credits: Markus Oberhumer Affects: FreeBSD 5.3, FreeBSD 5.4 Corrected: 2005-07-27 08:41:44 UTC (RELENG_6, 6.0-BETA2) 2005-07-27 08:41:56 UTC (RELENG_5, 5.4-STABLE) 2005-07-27 08:42:16 UTC (RELENG_5_4, 5.4-RELEASE-p6) 2005-07-27 08:42:38 UTC (RELENG_5_3, 5.3-RELEASE-p20) CVE Name: CAN-2005-1849 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . NOTE WELL: The issue discussed in this advisory is distinct from the issue discussed in the earlier advisory FreeBSD-SA-05:16.zlib, although the impact is very similar. I. Background zlib is a compression library used by numerous applications to provide data compression/decompression routines. II. Problem Description A fixed-size buffer is used in the decompression of data streams. Due to erronous analysis performed when zlib was written, this buffer, which was belived to be sufficiently large to handle any possible input stream, is in fact too small. III. Impact A carefully constructed compressed data stream can result in zlib overwriting some data structures. This may cause applications to halt, resulting in a denial of service; or it may result in an attacker gaining elevated privileges. IV. Workaround No workaround is available. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 5-STABLE, or to the RELENG_5_4 or RELENG_5_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 5.3, and 5.4 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:18/zlib.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:18/zlib.patch.asc b) Execute the following commands as root: # cd /usr/src # patch < /path/to/patch # cd /usr/src/lib/libz/ # make obj && make depend && make && make install VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_5 src/lib/libz/inftrees.h 1.1.1.5.2.1 RELENG_5_4 src/UPDATING 1.342.2.24.2.15 src/sys/conf/newvers.sh 1.62.2.18.2.11 src/lib/libz/inftrees.h 1.1.1.5.6.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.23 src/sys/conf/newvers.sh 1.62.2.15.2.25 src/lib/libz/inftrees.h 1.1.1.5.4.1 RELENG_6 src/lib/libz/inftrees.h 1.1.1.5.8.1 - ------------------------------------------------------------------------- VII. References http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-1849 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:18.zlib.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD4DBQFC50oLFdaIBMps37IRAg/1AJjTCluaNxJuBbSalLtgF34iey8DAJ9BGJmr 9NNdJfcjbm4qucvUYdsOqA== =XDop -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Wed Jul 27 08:51:02 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 981B616A430; Wed, 27 Jul 2005 08:51:02 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id B4C6643D5F; Wed, 27 Jul 2005 08:51:00 +0000 (GMT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (cperciva@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j6R8oxJN080350; Wed, 27 Jul 2005 08:50:59 GMT (envelope-from security-advisories@freebsd.org) Received: (from cperciva@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j6R8oxUa080348; Wed, 27 Jul 2005 08:50:59 GMT (envelope-from security-advisories@freebsd.org) Date: Wed, 27 Jul 2005 08:50:59 GMT Message-Id: <200507270850.j6R8oxUa080348@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: cperciva set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Cc: Subject: FreeBSD Security Advisory FreeBSD-SA-05:19.ipsec X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Reply-To: security-advisories@freebsd.org List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Jul 2005 08:51:02 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-05:19.ipsec Security Advisory The FreeBSD Project Topic: Incorrect key usage in AES-XCBC-MAC Category: core Module: netinet6 Announced: 2005-07-27 Credits: Yukiyo Akisada, Yokogawa Electric Corporation Affects: FreeBSD 5.3, FreeBSD 5.4 Corrected: 2005-07-27 08:41:44 UTC (RELENG_6, 6.0-BETA2) 2005-07-27 08:41:56 UTC (RELENG_5, 5.4-STABLE) 2005-07-27 08:42:16 UTC (RELENG_5_4, 5.4-RELEASE-p6) 2005-07-27 08:42:38 UTC (RELENG_5_3, 5.3-RELEASE-p20) CVE Name: CAN-2005-2359 For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background IPsec is a security protocol for the Internet Protocol networking layer. It provides a combination of encryption and authentication of system, using several possible cryptography algorithms. II. Problem Description A programming error in the implementation of the AES-XCBC-MAC algorithm for authentication resulted in a constant key being used instead of the key specified by the system administrator. III. Impact If the AES-XCBC-MAC algorithm is used for authentication in the absence of any encryption, then an attacker may be able to forge packets which appear to originate from a different system and thereby succeed in establishing an IPsec session. If access to sensitive information or systems is controlled based on the identity of the source system, this may result in information disclosure or privilege escalation. IV. Workaround Do not use the AES-XCBC-MAC algorithm for authentication, or use it together with some form of IPsec encryption. Systems which do not use IPsec, use other algorithms, or have IPsec encryption enabled are unaffected by this issue. V. Solution Perform one of the following: 1) Upgrade your vulnerable system to 5-STABLE, or to the RELENG_5_4 or RELENG_5_3 security branch dated after the correction date. 2) To patch your present system: The following patches have been verified to apply to FreeBSD 5.3 and 5.4 systems. a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-05:19/ipsec.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- RELENG_5 src/sys/netinet6/ah_aesxcbcmac.c 1.1.4.2 RELENG_5_4 src/UPDATING 1.342.2.24.2.15 src/sys/conf/newvers.sh 1.62.2.18.2.11 src/sys/netinet6/ah_aesxcbcmac.c 1.1.4.1.2.1 RELENG_5_3 src/UPDATING 1.342.2.13.2.23 src/sys/conf/newvers.sh 1.62.2.15.2.25 src/sys/netinet6/ah_aesxcbcmac.c 1.1.6.1 RELENG_6 src/sys/netinet6/ah_aesxcbcmac.c 1.2.2.1 - ------------------------------------------------------------------------- VII. References http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2005-2359 The latest revision of this advisory is available at ftp://ftp.freebsd.org/pub/FreeBSD/CERT/advisories/FreeBSD-SA-05:19.ipsec.asc -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.1 (FreeBSD) iD8DBQFC50oTFdaIBMps37IRAt3IAJ9tqRnoO5+6u/+3Nn8/Cos1cS1/ygCdHmzs +LPbiS3Bye0Vdvssh7b6vYE= =v16f -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 00:45:02 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6145116A41F; Fri, 29 Jul 2005 00:45:02 +0000 (GMT) (envelope-from rmaglasang@infoweapons.com) Received: from ws2.infoweapons.com (ws2.infoweapons.com [203.177.161.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2F3E843D45; Fri, 29 Jul 2005 00:45:00 +0000 (GMT) (envelope-from rmaglasang@infoweapons.com) Received: from [10.3.1.41] ([10.3.1.41]) by ws2.infoweapons.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Fri, 29 Jul 2005 08:44:23 +0800 Message-ID: <42E97DDA.9070305@infoweapons.com> Date: Fri, 29 Jul 2005 08:52:42 +0800 From: "Ronnel P. Maglasang" User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050719) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-geom , freebsd-security Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 29 Jul 2005 00:44:23.0734 (UTC) FILETIME=[AA2DCD60:01C593D6] Cc: Subject: encrypting existing partitions/disks X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 00:45:02 -0000 Hello, Has anyone wrote a how-to or a guick guide on how to encrypt an existing partition/disk using gbde? I've tried to search in the net but i cudn't find any. Is it possible to just move the existing data on my disk, cleanup the disk and encrypt using gbde, attach to the system, then move back the data to the now encrypted disk. Thanks, - ronnel From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 05:10:36 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0C13B16A41F; Fri, 29 Jul 2005 05:10:36 +0000 (GMT) (envelope-from rmaglasang@infoweapons.com) Received: from ws2.infoweapons.com (ws2.infoweapons.com [203.177.161.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id B4A9143D49; Fri, 29 Jul 2005 05:10:34 +0000 (GMT) (envelope-from rmaglasang@infoweapons.com) Received: from [10.3.1.41] ([10.3.1.41]) by ws2.infoweapons.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Fri, 29 Jul 2005 13:09:57 +0800 Message-ID: <42E9BC12.2050401@infoweapons.com> Date: Fri, 29 Jul 2005 13:18:10 +0800 From: "Ronnel P. Maglasang" User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050719) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-hackers , freebsd-geom , freebsd-security Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 29 Jul 2005 05:09:57.0281 (UTC) FILETIME=[C3502110:01C593FB] Cc: Subject: booting gbde-encrypted filesystem X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 05:10:36 -0000 Hello, I think there was already a thread on this. I just want to raise the question again if anyone has successfully booted an gdbe-encrypted filesystem (everything encrypted except the bootloader). The passphrase is entered at the bootloader prompt or embedded in the bootloader. I appreciate any tips. Thanks, - ronnel From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 06:17:17 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8355F16A41F for ; Fri, 29 Jul 2005 06:17:17 +0000 (GMT) (envelope-from ozgur.ozdemircili@gmail.com) Received: from rproxy.gmail.com (rproxy.gmail.com [64.233.170.207]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1DAD143D45 for ; Fri, 29 Jul 2005 06:17:16 +0000 (GMT) (envelope-from ozgur.ozdemircili@gmail.com) Received: by rproxy.gmail.com with SMTP id r35so870062rna for ; Thu, 28 Jul 2005 23:17:15 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:from:to:references:subject:date:mime-version:content-type:content-transfer-encoding:x-priority:x-msmail-priority:x-mailer:x-mimeole; b=d6NReafWbEq93RgDkItMG8mJMENCgfzqHpZExBlFeX7UBbWMsGTU/kTF3AvBPp9AW4t+/yYoyx3i3ctfcusKOu1OHSHNGO9dTUhyewOxerjnvjRJJz1xzueT8r9NbpYsoTYeFSfOcFkeg6AKSR1hedQMV6BbLxkofvqX5tuDt9Y= Received: by 10.38.59.65 with SMTP id h65mr1548148rna; Thu, 28 Jul 2005 23:17:15 -0700 (PDT) Received: from author ([81.215.227.172]) by mx.gmail.com with ESMTP id a67sm910528rne.2005.07.28.23.17.14; Thu, 28 Jul 2005 23:17:15 -0700 (PDT) Message-ID: <037601c59405$54ca0440$640ce00a@casiotours.com> From: "Ozgur Ozdemircili" To: "Ronnel P. Maglasang" , "freebsd-geom" , "freebsd-security" References: <42E97DDA.9070305@infoweapons.com> Date: Fri, 29 Jul 2005 09:18:23 +0300 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1106 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1106 Cc: Subject: Re: encrypting existing partitions/disks X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 06:17:17 -0000 Did you check out http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.h tml ? It clearly explains everything. Cheers Ozgur Ozdemircili ----- Original Message ----- From: "Ronnel P. Maglasang" To: "freebsd-geom" ; "freebsd-security" Sent: Friday, July 29, 2005 3:52 AM Subject: encrypting existing partitions/disks > Hello, > > Has anyone wrote a how-to or a guick guide on how > to encrypt an existing partition/disk using gbde? > I've tried to search in the net but i cudn't find > any. Is it possible to just move the existing data > on my disk, cleanup the disk and encrypt using gbde, > attach to the system, then move back the data to the now > encrypted disk. > > Thanks, > - ronnel > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 06:26:28 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5071116A41F; Fri, 29 Jul 2005 06:26:28 +0000 (GMT) (envelope-from rmaglasang@infoweapons.com) Received: from ws2.infoweapons.com (ws2.infoweapons.com [203.177.161.179]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5581A43D46; Fri, 29 Jul 2005 06:26:26 +0000 (GMT) (envelope-from rmaglasang@infoweapons.com) Received: from [10.3.1.41] ([10.3.1.41]) by ws2.infoweapons.com over TLS secured channel with Microsoft SMTPSVC(6.0.3790.1830); Fri, 29 Jul 2005 14:25:49 +0800 Message-ID: <42E9CDDE.6060807@infoweapons.com> Date: Fri, 29 Jul 2005 14:34:06 +0800 From: "Ronnel P. Maglasang" User-Agent: Mozilla Thunderbird 1.0.2 (X11/20050719) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Ozgur Ozdemircili References: <42E97DDA.9070305@infoweapons.com> <037601c59405$54ca0440$640ce00a@casiotours.com> In-Reply-To: <037601c59405$54ca0440$640ce00a@casiotours.com> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-OriginalArrivalTime: 29 Jul 2005 06:25:49.0406 (UTC) FILETIME=[5C9747E0:01C59406] Cc: freebsd-security , freebsd-geom Subject: Re: encrypting existing partitions/disks X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 06:26:28 -0000 What you mean everything? There's not much in there, the sample is a clean (new) disk. Anyways, I already figured it out, you just have to move the data on the disk, gbde-encrypt the disk and move the data back. The one I've mentioned below works. Thanks for the feedback. Ozgur Ozdemircili wrote: >Did you check out >http://www.freebsd.org/doc/en_US.ISO8859-1/books/handbook/disks-encrypting.h >tml ? >It clearly explains everything. >Cheers >Ozgur Ozdemircili > >----- Original Message ----- >From: "Ronnel P. Maglasang" >To: "freebsd-geom" ; "freebsd-security" > >Sent: Friday, July 29, 2005 3:52 AM >Subject: encrypting existing partitions/disks > > > > >>Hello, >> >>Has anyone wrote a how-to or a guick guide on how >>to encrypt an existing partition/disk using gbde? >>I've tried to search in the net but i cudn't find >>any. Is it possible to just move the existing data >>on my disk, cleanup the disk and encrypt using gbde, >>attach to the system, then move back the data to the now >>encrypted disk. >> >>Thanks, >>- ronnel >>_______________________________________________ >>freebsd-security@freebsd.org mailing list >>http://lists.freebsd.org/mailman/listinfo/freebsd-security >>To unsubscribe, send any mail to >> >> >"freebsd-security-unsubscribe@freebsd.org" > > > From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 06:54:00 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id ADF2A16A420; Fri, 29 Jul 2005 06:54:00 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id C940F43D46; Fri, 29 Jul 2005 06:53:59 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id D91B4ACAF1; Fri, 29 Jul 2005 08:53:57 +0200 (CEST) Date: Fri, 29 Jul 2005 08:53:57 +0200 From: Pawel Jakub Dawidek To: "Ronnel P. Maglasang" Message-ID: <20050729065357.GA617@darkness.comp.waw.pl> References: <42E9BC12.2050401@infoweapons.com> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="vtzGhvizbBRQ85DL" Content-Disposition: inline In-Reply-To: <42E9BC12.2050401@infoweapons.com> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 Cc: freebsd-security , freebsd-hackers , freebsd-geom Subject: Re: booting gbde-encrypted filesystem X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 06:54:00 -0000 --vtzGhvizbBRQ85DL Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 29, 2005 at 01:18:10PM +0800, Ronnel P. Maglasang wrote: +> Hello, +>=20 +> I think there was already a thread on this. I just +> want to raise the question again if anyone has successfully +> booted an gdbe-encrypted filesystem (everything encrypted except +> the bootloader). The passphrase is entered at the bootloader prompt +> or embedded in the bootloader. This is not not possible with current GBDE. I've patches which allows this here: http://people.freebsd.org/~pjd/patches/gbde.patch --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --vtzGhvizbBRQ85DL Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFC6dKFForvXbEpPzQRAi03AKCrskTtDsmZFMMECdVKRC4WvDUAlwCdFZok TQ9ygQCYujsqduk/oF61RLs= =DTQv -----END PGP SIGNATURE----- --vtzGhvizbBRQ85DL-- From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 07:55:58 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6661016A41F; Fri, 29 Jul 2005 07:55:58 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from postfix4-2.free.fr (postfix4-2.free.fr [213.228.0.176]) by mx1.FreeBSD.org (Postfix) with ESMTP id 061E543D45; Fri, 29 Jul 2005 07:55:57 +0000 (GMT) (envelope-from tataz@tataz.chchile.org) Received: from tatooine.tataz.chchile.org (vol75-8-82-233-239-98.fbx.proxad.net [82.233.239.98]) by postfix4-2.free.fr (Postfix) with ESMTP id A1D77323387; Fri, 29 Jul 2005 09:55:56 +0200 (CEST) Received: by tatooine.tataz.chchile.org (Postfix, from userid 1000) id 68690405B; Fri, 29 Jul 2005 09:56:19 +0200 (CEST) Date: Fri, 29 Jul 2005 09:56:18 +0200 From: Jeremie Le Hen To: Pawel Jakub Dawidek Message-ID: <20050729075618.GI68965@obiwan.tataz.chchile.org> References: <42E9BC12.2050401@infoweapons.com> <20050729065357.GA617@darkness.comp.waw.pl> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20050729065357.GA617@darkness.comp.waw.pl> User-Agent: Mutt/1.5.9i Cc: freebsd-security , freebsd-geom , freebsd-hackers , "Ronnel P. Maglasang" Subject: Re: booting gbde-encrypted filesystem X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 07:55:58 -0000 > This is not not possible with current GBDE. > I've patches which allows this here: > > http://people.freebsd.org/~pjd/patches/gbde.patch This is great. Do you intend to commit it someday ? I know the GELI framework allows to use an encrypted root partition, but it would be interesting for GBDE users to be provided such a fonctionnality. Thank you. Regards, -- Jeremie Le Hen < jeremie at le-hen dot org >< ttz at chchile dot org > From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 08:00:48 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3AB8116A41F; Fri, 29 Jul 2005 08:00:48 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: from darkness.comp.waw.pl (darkness.comp.waw.pl [195.117.238.136]) by mx1.FreeBSD.org (Postfix) with ESMTP id A76EA43D49; Fri, 29 Jul 2005 08:00:47 +0000 (GMT) (envelope-from pjd@darkness.comp.waw.pl) Received: by darkness.comp.waw.pl (Postfix, from userid 1009) id 06F40ACE06; Fri, 29 Jul 2005 10:00:36 +0200 (CEST) Date: Fri, 29 Jul 2005 10:00:36 +0200 From: Pawel Jakub Dawidek To: Jeremie Le Hen Message-ID: <20050729080035.GB609@darkness.comp.waw.pl> References: <42E9BC12.2050401@infoweapons.com> <20050729065357.GA617@darkness.comp.waw.pl> <20050729075618.GI68965@obiwan.tataz.chchile.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="dTy3Mrz/UPE2dbVg" Content-Disposition: inline In-Reply-To: <20050729075618.GI68965@obiwan.tataz.chchile.org> User-Agent: Mutt/1.4.2i X-PGP-Key-URL: http://people.freebsd.org/~pjd/pjd.asc X-OS: FreeBSD 5.2.1-RC2 i386 Cc: freebsd-security , freebsd-geom , freebsd-hackers , "Ronnel P. Maglasang" Subject: Re: booting gbde-encrypted filesystem X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 08:00:48 -0000 --dTy3Mrz/UPE2dbVg Content-Type: text/plain; charset=iso-8859-2 Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Fri, Jul 29, 2005 at 09:56:18AM +0200, Jeremie Le Hen wrote: +> > This is not not possible with current GBDE. +> > I've patches which allows this here: +> >=20 +> > http://people.freebsd.org/~pjd/patches/gbde.patch +>=20 +> This is great. Do you intend to commit it someday ? I know the GELI +> framework allows to use an encrypted root partition, but it would be +> interesting for GBDE users to be provided such a fonctionnality. I sent those patches to phk@ few months ago now. If he decided to add such functionality he is welcome to use them:) I'm not going to commit it by myself. --=20 Pawel Jakub Dawidek http://www.wheel.pl pjd@FreeBSD.org http://www.FreeBSD.org FreeBSD committer Am I Evil? Yes, I Am! --dTy3Mrz/UPE2dbVg Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.4 (FreeBSD) iD8DBQFC6eIjForvXbEpPzQRAocWAJ9Jdxg14xsif8Du8F/VAy1jQZuJ6ACgrO2Q v+SfXaZk4Bfyf/1cyzlvFCM= =zJgB -----END PGP SIGNATURE----- --dTy3Mrz/UPE2dbVg-- From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 11:52:43 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E1DFA16A41F; Fri, 29 Jul 2005 11:52:43 +0000 (GMT) (envelope-from phk@phk.freebsd.dk) Received: from haven.freebsd.dk (haven.freebsd.dk [130.225.244.222]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7BDF643D45; Fri, 29 Jul 2005 11:52:43 +0000 (GMT) (envelope-from phk@phk.freebsd.dk) Received: from phk.freebsd.dk (unknown [192.168.48.2]) by haven.freebsd.dk (Postfix) with ESMTP id A2E38BC66; Fri, 29 Jul 2005 11:52:41 +0000 (UTC) To: Alexander Leidinger From: "Poul-Henning Kamp" In-Reply-To: Your message of "Fri, 29 Jul 2005 13:45:48 +0200." <20050729134548.1cc28dr8gg0k4k0g@netchild.homeip.net> Date: Fri, 29 Jul 2005 13:52:40 +0200 Message-ID: <94252.1122637960@phk.freebsd.dk> Sender: phk@phk.freebsd.dk Cc: freebsd-security , "Ronnel P. Maglasang" , Pawel Jakub Dawidek , freebsd-hackers , freebsd-geom Subject: Re: booting gbde-encrypted filesystem X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 11:52:44 -0000 In message <20050729134548.1cc28dr8gg0k4k0g@netchild.homeip.net>, Alexander Leidinger writes: >Pawel Jakub Dawidek wrote: > >> This is not not possible with current GBDE. >> I've patches which allows this here: >> >> http://people.freebsd.org/~pjd/patches/gbde.patch > >I fail to see how this allows an encryted root-FS, it doesn't add gbde >support to boot0(ext) or to the loader. It needs access to an unencrypted >kernel. I don't think this is what Ronnel had in mind (overlooking the fact >that his suggestion to save the passphrase in the loader is insecure). There is a difference between loading the kernel from an encrypted volume (very hard!) and mounting the root filesystem from an encrypted volume (possible with pawels patch. Now of course, if your kernel has been trojaned, you're in trouble, but then again, most people just worry about their data if the machine gets stolen. -- Poul-Henning Kamp | UNIX since Zilog Zeus 3.20 phk@FreeBSD.ORG | TCP/IP since RFC 956 FreeBSD committer | BSD since 4.3-tahoe Never attribute to malice what can adequately be explained by incompetence. From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 11:46:01 2005 Return-Path: X-Original-To: freebsd-security@freebsd.org Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B079516A41F; Fri, 29 Jul 2005 11:46:01 +0000 (GMT) (envelope-from Alexander@Leidinger.net) Received: from mailout07.sul.t-online.com (mailout07.sul.t-online.com [194.25.134.83]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9FDDB43D48; Fri, 29 Jul 2005 11:46:00 +0000 (GMT) (envelope-from Alexander@Leidinger.net) Received: from fwd26.aul.t-online.de by mailout07.sul.t-online.com with smtp id 1DyTJO-000064-01; Fri, 29 Jul 2005 13:45:58 +0200 Received: from Andro-Beta.Leidinger.net (SOkMxYZp8eZNCzlKsWqx3CHvPocSdyqG6GSmeL7Q+uOaz6fbFdncsW@[84.165.201.169]) by fwd26.sul.t-online.de with esmtp id 1DyTJL-18HMzA0; Fri, 29 Jul 2005 13:45:55 +0200 Received: from localhost (localhost [127.0.0.1]) by Andro-Beta.Leidinger.net (8.13.3/8.13.3) with ESMTP id j6TBjmAw061039; Fri, 29 Jul 2005 13:45:48 +0200 (CEST) (envelope-from Alexander@Leidinger.net) Received: from 141.113.101.31 ([141.113.101.31]) by netchild.homeip.net (Horde MIME library) with HTTP for ; Fri, 29 Jul 2005 13:45:48 +0200 Message-ID: <20050729134548.1cc28dr8gg0k4k0g@netchild.homeip.net> X-Priority: 3 (Normal) Date: Fri, 29 Jul 2005 13:45:48 +0200 From: Alexander Leidinger To: Pawel Jakub Dawidek References: <42E9BC12.2050401@infoweapons.com> <20050729065357.GA617@darkness.comp.waw.pl> In-Reply-To: <20050729065357.GA617@darkness.comp.waw.pl> MIME-Version: 1.0 Content-Type: text/plain; charset=ISO-8859-15; format="flowed" Content-Disposition: inline Content-Transfer-Encoding: 7bit User-Agent: Internet Messaging Program (IMP) H3 (4.0.3) / FreeBSD-4.11 X-ID: SOkMxYZp8eZNCzlKsWqx3CHvPocSdyqG6GSmeL7Q+uOaz6fbFdncsW@t-dialin.net X-TOI-MSGID: 82a2a4a0-6caf-4639-9241-f63ea2662f16 X-Mailman-Approved-At: Fri, 29 Jul 2005 13:21:46 +0000 Cc: freebsd-security , freebsd-geom , freebsd-hackers , "Ronnel P. Maglasang" Subject: Re: booting gbde-encrypted filesystem X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 11:46:02 -0000 Pawel Jakub Dawidek wrote: > This is not not possible with current GBDE. > I've patches which allows this here: > > http://people.freebsd.org/~pjd/patches/gbde.patch I fail to see how this allows an encryted root-FS, it doesn't add gbde support to boot0(ext) or to the loader. It needs access to an unencrypted kernel. I don't think this is what Ronnel had in mind (overlooking the fact that his suggestion to save the passphrase in the loader is insecure). Bye, Alexander. -- http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7 http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137 The man who can smile when things go wrong has thought of someone he can blame it on. From owner-freebsd-security@FreeBSD.ORG Fri Jul 29 21:38:19 2005 Return-Path: X-Original-To: freebsd-security@hub.freebsd.org Delivered-To: freebsd-security@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 81A6F16A41F; Fri, 29 Jul 2005 21:38:19 +0000 (GMT) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3EF6E43D46; Fri, 29 Jul 2005 21:38:19 +0000 (GMT) (envelope-from linimon@FreeBSD.org) Received: from freefall.freebsd.org (linimon@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j6TLcJPN069654; Fri, 29 Jul 2005 21:38:19 GMT (envelope-from linimon@freefall.freebsd.org) Received: (from linimon@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j6TLcJ2t069650; Fri, 29 Jul 2005 21:38:19 GMT (envelope-from linimon) Date: Fri, 29 Jul 2005 21:38:19 GMT From: Mark Linimon Message-Id: <200507292138.j6TLcJ2t069650@freefall.freebsd.org> To: linimon@FreeBSD.org, freebsd-ports-bugs@FreeBSD.org, freebsd-security@FreeBSD.org X-Mailman-Approved-At: Sat, 30 Jul 2005 16:37:25 +0000 Cc: Subject: Re: ports/84312: security/portaudit doesn't report about all security bugs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 29 Jul 2005 21:38:19 -0000 Old Synopsis: portaudit doesn't report about all security bugs New Synopsis: security/portaudit doesn't report about all security bugs Responsible-Changed-From-To: freebsd-ports-bugs->freebsd-security Responsible-Changed-By: linimon Responsible-Changed-When: Fri Jul 29 21:37:38 GMT 2005 Responsible-Changed-Why: Over to maintainer(s). http://www.freebsd.org/cgi/query-pr.cgi?pr=84312 From owner-freebsd-security@FreeBSD.ORG Sat Jul 30 17:06:09 2005 Return-Path: X-Original-To: freebsd-security@hub.freebsd.org Delivered-To: freebsd-security@hub.freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9CB2F16A41F; Sat, 30 Jul 2005 17:06:09 +0000 (GMT) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4ADDB43D69; Sat, 30 Jul 2005 17:06:08 +0000 (GMT) (envelope-from remko@FreeBSD.org) Received: from freefall.freebsd.org (remko@localhost [127.0.0.1]) by freefall.freebsd.org (8.13.3/8.13.3) with ESMTP id j6UH67e4060139; Sat, 30 Jul 2005 17:06:08 GMT (envelope-from remko@freefall.freebsd.org) Received: (from remko@localhost) by freefall.freebsd.org (8.13.3/8.13.1/Submit) id j6UH67DI060135; Sat, 30 Jul 2005 17:06:07 GMT (envelope-from remko) Date: Sat, 30 Jul 2005 17:06:07 GMT From: Remko Lodder Message-Id: <200507301706.j6UH67DI060135@freefall.freebsd.org> To: remko@FreeBSD.org, freebsd-security@FreeBSD.org, remko@FreeBSD.org X-Mailman-Approved-At: Sat, 30 Jul 2005 17:11:00 +0000 Cc: Subject: Re: ports/84312: security/portaudit doesn't report about all security bugs X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 30 Jul 2005 17:06:09 -0000 Synopsis: security/portaudit doesn't report about all security bugs Responsible-Changed-From-To: freebsd-security->remko Responsible-Changed-By: remko Responsible-Changed-When: Sat Jul 30 17:05:19 GMT 2005 Responsible-Changed-Why: I entered the apache vulnerability into VuXML so i should fix this. Thanks for mentioning this! http://www.freebsd.org/cgi/query-pr.cgi?pr=84312