From owner-freebsd-audit Sun Jan 9 1:25: 9 2000 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 327A014DAF; Sun, 9 Jan 2000 01:25:07 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 2161C1CD82D for ; Sun, 9 Jan 2000 01:25:07 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Sun, 9 Jan 2000 01:25:07 -0800 (PST) From: Kris Kennaway To: audit@freebsd.org Subject: Tempfile handling in ctm Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG This patch fixes the tempfile handling in ctm(1), removing race conditions and replacing tempnam() with mkstemp(). Reviews please! :) Kris Index: ctm.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/ctm/ctm/ctm.c,v retrieving revision 1.18 diff -u -r1.18 ctm.c --- ctm.c 1999/08/28 01:15:59 1.18 +++ ctm.c 2000/01/09 09:17:03 @@ -39,6 +39,7 @@ */ #define EXTERN /* */ +#include #include "ctm.h" #define CTM_STATUS ".ctm_status" @@ -64,6 +65,9 @@ BackupFile = NULL; TarCmd = TARCMD; LastFilter = FilterList = NULL; + TmpDir = getenv("TMPDIR"); + if (TmpDir == NULL) + TmpDir = strdup(_PATH_TMP); setbuf(stderr,0); setbuf(stdout,0); @@ -224,18 +228,27 @@ /* If we cannot seek, we're doomed, so copy to a tmp-file in that case */ if(!p && -1 == fseek(f,0,SEEK_END)) { - char *fn = tempnam(TmpDir,"CTMclient"); - FILE *f2 = fopen(fn,"w+"); - int i; + char *fn; + FILE *f2; + int fd; - if(!f2) { - warn("%s", fn); + if (asprintf(&fn, "%s/CTMclient.XXXXXXXXXX", TmpDir) == -1) { + fprintf(stderr, "Cannot allocate memory\n"); fclose(f); return Exit_Broke; } + if ((fd = mkstemp(fn)) == -1 || (f2 = fdopen(fd, "w+")) == NULL) { + perror(fn); + free(fn); + if (fd != -1) + close(fd); + fclose(f); + return Exit_Broke; + } unlink(fn); if (Verbose > 0) fprintf(stderr,"Writing tmp-file \"%s\"\n",fn); + free(fn); while(EOF != (i=getc(f))) if(EOF == putc(i,f2)) { fclose(f2); Index: ctm_pass2.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/ctm/ctm/ctm_pass2.c,v retrieving revision 1.17 diff -u -r1.17 ctm_pass2.c --- ctm_pass2.c 1999/08/28 01:16:00 1.17 +++ ctm_pass2.c 2000/01/09 09:22:47 @@ -182,7 +182,21 @@ if (!match) break; if(!strcmp(sp->Key,"FN")) { - p = tempnam(TmpDir,"CTMclient"); + if(asprintf((char **)&p, "%s/CTMclient.XXXXXXXXXX", + TmpDir) == -1) { + fprintf(stderr, "Cannot allocate memory\n"); + ret |= Exit_NotOK; + return ret; + } + if((j = mkstemp(p)) == -1) { + fprintf(stderr, + " %s: Could not create tempfile.\n", + sp->Key); + Free(p); + ret |= Exit_NotOK; + return ret; + } + close(j); j = ctm_edit(trash,cnt,name,p); if(j) { fprintf(stderr," %s: %s edit returned %d.\n", @@ -202,7 +216,21 @@ unlink(p); Free(p); } else if (!strcmp(sp->Key,"FE")) { - p = tempnam(TmpDir,"CTMclient"); + if(asprintf((char **)&p, "%s/CTMclient.XXXXXXXXXX", + TmpDir) == -1) { + fprintf(stderr, "Cannot allocate memory\n"); + ret |= Exit_NotOK; + return ret; + } + if((j = mkstemp(p)) == -1) { + fprintf(stderr, + " %s: Could not create tempfile.\n", + sp->Key); + Free(p); + ret |= Exit_NotOK; + return ret; + } + close(j); ed = popen("ed","w"); if (!ed) { WRONG To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jan 9 2: 6:39 2000 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id B81E615275; Sun, 9 Jan 2000 02:06:37 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id A95641CD831 for ; Sun, 9 Jan 2000 02:06:37 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Sun, 9 Jan 2000 02:06:37 -0800 (PST) From: Kris Kennaway To: audit@freebsd.org Subject: Tempfile handling in kgzip Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG tempnam() -> mkstemp() Kris Index: kgzip.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/kgzip/kgzip.c,v retrieving revision 1.2 diff -u -r1.2 kgzip.c --- kgzip.c 1999/08/28 01:16:43 1.2 +++ kgzip.c 2000/01/09 10:02:49 @@ -47,11 +47,9 @@ #define SFX_KGZ ".kgz" /* Filename suffix: executable */ #define SFX_MAX 5 /* Size of larger filename suffix */ -#define TMP_PREFIX "kgz" /* Temporary file prefix */ - const char *loader = "/usr/lib/kgzldr.o"; /* Default loader */ -static const char *tname; /* Name of temporary file */ +static char tname[] = "/tmp/kgzXXXXXXXXXX"; /* Name of temporary file */ static void cleanup(void); static void mk_fn(int, const char *, const char *, char *[]); @@ -122,7 +120,7 @@ { const char *p, *s; size_t n; - int i; + int i, fd; i = 0; s = strrchr(f1, 0); @@ -133,8 +131,9 @@ } fn[i++] = (char *)f1; if (i == FN_OBJ && !cflag) { - if (!(tname = tempnam(NULL, TMP_PREFIX))) + if ((fd = mkstemp(tname)) == -1) err(1, NULL); + close(fd); fn[i++] = (char *)tname; } if (!(fn[i] = (char *)f2)) { To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Sun Jan 9 11:18: 3 2000 Delivered-To: freebsd-audit@freebsd.org Received: from troutmask.apl.washington.edu (troutmask.apl.washington.edu [128.95.76.54]) by hub.freebsd.org (Postfix) with ESMTP id 7858D14E1C; Sun, 9 Jan 2000 11:17:59 -0800 (PST) (envelope-from sgk@troutmask.apl.washington.edu) Received: (from sgk@localhost) by troutmask.apl.washington.edu (8.9.3/8.9.3) id LAA02124; Sun, 9 Jan 2000 11:18:04 -0800 (PST) (envelope-from sgk) From: Steve Kargl Message-Id: <200001091918.LAA02124@troutmask.apl.washington.edu> Subject: Re: Tempfile handling in kgzip In-Reply-To: from Kris Kennaway at "Jan 9, 2000 02:06:37 am" To: Kris Kennaway Date: Sun, 9 Jan 2000 11:18:04 -0800 (PST) Cc: audit@FreeBSD.ORG X-Mailer: ELM [version 2.4ME+ PL61 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Kris Kennaway wrote: > tempnam() -> mkstemp() > [Patch deleted] Kris, Should we check for TMPDIR as an enviromental variable to make the template? -- Steve To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jan 10 0:30:50 2000 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 6BF9B15171; Mon, 10 Jan 2000 00:30:42 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 4D7E41CD44A for ; Mon, 10 Jan 2000 00:30:42 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Mon, 10 Jan 2000 00:30:42 -0800 (PST) From: Kris Kennaway To: audit@freebsd.org Subject: Re: Tempfile handling in kgzip In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Sun, 9 Jan 2000, Kris Kennaway wrote: > tempnam() -> mkstemp() Updated patch respects TMPDIR like tempnam() does, in case anyone relied on that. Kris Index: kgzip.c =================================================================== RCS file: /home/ncvs/src/usr.sbin/kgzip/kgzip.c,v retrieving revision 1.2 diff -u -r1.2 kgzip.c --- kgzip.c 1999/08/28 01:16:43 1.2 +++ kgzip.c 2000/01/10 08:27:40 @@ -47,11 +47,9 @@ #define SFX_KGZ ".kgz" /* Filename suffix: executable */ #define SFX_MAX 5 /* Size of larger filename suffix */ -#define TMP_PREFIX "kgz" /* Temporary file prefix */ - const char *loader = "/usr/lib/kgzldr.o"; /* Default loader */ -static const char *tname; /* Name of temporary file */ +char *tname; /* Name of temporary file */ static void cleanup(void); static void mk_fn(int, const char *, const char *, char *[]); @@ -68,6 +66,12 @@ const char *output; int cflag, vflag, c; + if (getenv("TMPDIR") == NULL) + tname = strdup("/tmp/kgzXXXXXXXXXX"); + else + if (asprintf(&tname, "%s/kgzXXXXXXXXXX", getenv("TMPDIR")) == -1) + errx(1, "Out of memory"); + output = NULL; cflag = vflag = 0; while ((c = getopt(argc, argv, "cvl:o:")) != -1) @@ -122,7 +126,7 @@ { const char *p, *s; size_t n; - int i; + int i, fd; i = 0; s = strrchr(f1, 0); @@ -133,8 +137,9 @@ } fn[i++] = (char *)f1; if (i == FN_OBJ && !cflag) { - if (!(tname = tempnam(NULL, TMP_PREFIX))) + if ((fd = mkstemp(tname)) == -1) err(1, NULL); + close(fd); fn[i++] = (char *)tname; } if (!(fn[i] = (char *)f2)) { To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jan 10 1: 8: 4 2000 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 79F4C14D4F; Mon, 10 Jan 2000 01:08:03 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 6BFE21CD836 for ; Mon, 10 Jan 2000 01:08:03 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Mon, 10 Jan 2000 01:08:03 -0800 (PST) From: Kris Kennaway To: audit@freebsd.org Subject: Simple task Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG Here's something simple you guys can do: install /usr/ports/security/l0pht-watch and run it constantly for a few days, and look at what it picks up. There are lots of insecurely-named tempfiles created by FreeBSD utilities and ports, even ones which otherwise create the files atomically (using 6 Xs in mkstemp() isn't very secure, since 5 of those are usually taken up by the PID, which is fairly easy to predict). Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jan 10 15: 3:49 2000 Delivered-To: freebsd-audit@freebsd.org Received: from foobar.franken.de (foobar.franken.de [194.94.249.81]) by hub.freebsd.org (Postfix) with ESMTP id BF81514CA2; Mon, 10 Jan 2000 15:03:43 -0800 (PST) (envelope-from logix@foobar.franken.de) Received: (from logix@localhost) by foobar.franken.de (8.8.8/8.8.5) id AAA04586; Tue, 11 Jan 2000 00:03:45 +0100 (CET) Message-ID: <20000111000344.C4237@foobar.franken.de> Date: Tue, 11 Jan 2000 00:03:44 +0100 From: Harold Gutch To: Kris Kennaway , audit@FreeBSD.ORG Subject: Re: Simple task References: Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 0.93.2i In-Reply-To: ; from Kris Kennaway on Mon, Jan 10, 2000 at 01:08:03AM -0800 Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Mon, Jan 10, 2000 at 01:08:03AM -0800, Kris Kennaway wrote: > Here's something simple you guys can do: install > /usr/ports/security/l0pht-watch and run it constantly for a few days, and > look at what it picks up. There are lots of insecurely-named tempfiles > created by FreeBSD utilities and ports, even ones which otherwise create > the files atomically (using 6 Xs in mkstemp() isn't very secure, since 5 > of those are usually taken up by the PID, which is fairly easy to > predict). A thing I changed in the source, was in list_utils.c:147, where the maximum full filenamelength that is printed, is limited to 20 chars. mutt (at least the version I'm using, which is pretty outdated, I know :) ) creates a file in /tmp for pretty many things - l0pht-watch though didn't show the complete filenames and thus always displayed the _same_ (cut off) filename; the differences in the names would only occur after the 20th character. bye, Harold -- Someone should do a study to find out how many human life spans have been lost waiting for NT to reboot. Ken Deboy on Dec 24 1999 in comp.unix.bsd.freebsd.misc To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Mon Jan 10 18:40:39 2000 Delivered-To: freebsd-audit@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 758) id 4176714CC4; Mon, 10 Jan 2000 18:40:38 -0800 (PST) Received: from localhost (localhost [127.0.0.1]) by hub.freebsd.org (Postfix) with ESMTP id 2EE2D1CD440; Mon, 10 Jan 2000 18:40:38 -0800 (PST) (envelope-from kris@hub.freebsd.org) Date: Mon, 10 Jan 2000 18:40:38 -0800 (PST) From: Kris Kennaway To: Harold Gutch Cc: audit@FreeBSD.ORG Subject: Re: Simple task In-Reply-To: <20000111000344.C4237@foobar.franken.de> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Tue, 11 Jan 2000, Harold Gutch wrote: > A thing I changed in the source, was in list_utils.c:147, where > the maximum full filenamelength that is printed, is limited to 20 > chars. mutt (at least the version I'm using, which is pretty > outdated, I know :) ) creates a file in /tmp for pretty many Yeah, this is useful in general..I might add a patch to the sources to configure this. Kris To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jan 13 9:44:32 2000 Delivered-To: freebsd-audit@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133]) by hub.freebsd.org (Postfix) with ESMTP id 23B8814F93 for ; Thu, 13 Jan 2000 09:44:08 -0800 (PST) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by gratis.grondar.za (8.10.0.Beta6/8.10.0.Beta6) with ESMTP id e0DHhAw70607; Thu, 13 Jan 2000 19:43:10 +0200 (SAST) Message-Id: <200001131743.e0DHhAw70607@gratis.grondar.za> To: "Jordan K. Hubbard" Cc: audit@freebsd.org Subject: Re: We need to do an audit of our "crypto", both current and planned. References: <95546.947784235@zippy.cdrom.com> In-Reply-To: <95546.947784235@zippy.cdrom.com> ; from "Jordan K. Hubbard" "Thu, 13 Jan 2000 09:23:55 PST." Date: Thu, 13 Jan 2000 19:43:09 +0200 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Encryption source code which is available to the public and which > is subject to an express agreement for the payment of a licensing > fee or royalty for commercial production or sale of any product > developed using the source code (such as "community source" code) > may be exported under a license exception to any end-user without a > technical review. At the time of export, the exporter must submit > to the Bureau of Export Administration a copy of the source code, > or a written notification of its Internet address. All other source > code can be exported after a technical review to any non-government > end-user. U.S. exporters may have to provide general information on > foreign products developed for commercial sale using commercial source > code, but foreign products developed using U.S.-origin source code or > toolkits do not require a technical review. Once the code has been "declared", are we allowed to change it? > E.g. I need to submit a written notification containing the URL > pointing to just the crypto stuff we're going to do, including future > items like OpenSSH, IPSec, etc. Once that's done, at least as I read > this agreement (and have at least 3 times :), we and any mirror site > in the U.S. containing the FreeBSD code should be in the clear. I'm nervous ("paranoid") that "declared" code is somehow set in stone, er, red tape, and needs to be "re-declared" after any change. > I'm also sure that it's possible to read this agreement in such a way > that, with sufficient paranoia, one could conclude that nothing had > changed and it was all a plot by the space aliens to lend us a false > sense of security, but I'd rather not hear those arguments from people > right now, I just want to know what we should "declare" as part of > this process. :) I think it needs to be made abundantly clear that the code is in a permanent state of development, and as such may be different on a day that someone downloads it to the day that it was "declared". It also needs to be abundantly clear that code is not only changed, but added to and subtracted from. IANAL, IAJP. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jan 13 9:56:36 2000 Delivered-To: freebsd-audit@freebsd.org Received: from zippy.cdrom.com (zippy.cdrom.com [204.216.27.228]) by hub.freebsd.org (Postfix) with ESMTP id 3984C14EFD for ; Thu, 13 Jan 2000 09:56:35 -0800 (PST) (envelope-from jkh@zippy.cdrom.com) Received: from zippy.cdrom.com (jkh@localhost [127.0.0.1]) by zippy.cdrom.com (8.9.3/8.9.3) with ESMTP id JAA39407; Thu, 13 Jan 2000 09:56:38 -0800 (PST) (envelope-from jkh@zippy.cdrom.com) To: Mark Murray Cc: audit@freebsd.org Subject: Re: We need to do an audit of our "crypto", both current and planned. In-reply-to: Your message of "Thu, 13 Jan 2000 19:43:09 +0200." <200001131743.e0DHhAw70607@gratis.grondar.za> Date: Thu, 13 Jan 2000 09:56:37 -0800 Message-ID: <39393.947786197@zippy.cdrom.com> From: "Jordan K. Hubbard" Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > Once the code has been "declared", are we allowed to change it? I think that's the idea behind giving them a URL. Surely the Linux folks are going to jump on this bandwagon and I certainly expect their code to change once declared. I think all the commerce department is looking for here is a pointer to something they can audit on demand should reports surface that Fidel Castro is using Red Hat linux to communicate with the chinese government or something. Someone also suggested that I sign the commerce dept. up for a gratis CD subscription, and I'd be happy to do that. :) > I'm nervous ("paranoid") that "declared" code is somehow set in stone, > er, red tape, and needs to be "re-declared" after any change. I appreciate this, but I certainly don't see anything in the agreement so far which implies this, and I would expect some far more vocal and far richer open source players to scream blue murder over this if it were a one-off deal on the declaration. Everyone involved has got to know that the code changes too rapidly to make any other approach practical. - Jordan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jan 13 10:40:41 2000 Delivered-To: freebsd-audit@freebsd.org Received: from erouter0.it-datacntr.louisville.edu (erouter0.it-datacntr.louisville.edu [136.165.1.36]) by hub.freebsd.org (Postfix) with ESMTP id 85FF915697 for ; Thu, 13 Jan 2000 10:40:06 -0800 (PST) (envelope-from k.stevenson@louisville.edu) Received: from osaka.louisville.edu (osaka.louisville.edu [136.165.1.114]) by erouter0.it-datacntr.louisville.edu (Postfix) with ESMTP id 8B5F924D42; Thu, 13 Jan 2000 13:40:01 -0500 (EST) Received: by osaka.louisville.edu (Postfix, from userid 15) id 8ED5118605; Thu, 13 Jan 2000 13:40:00 -0500 (EST) Date: Thu, 13 Jan 2000 13:40:00 -0500 From: Keith Stevenson To: Mark Murray Cc: "Jordan K. Hubbard" , audit@freebsd.org Subject: Re: We need to do an audit of our "crypto", both current and planned. Message-ID: <20000113134000.A66534@osaka.louisville.edu> References: <95546.947784235@zippy.cdrom.com> <200001131743.e0DHhAw70607@gratis.grondar.za> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii X-Mailer: Mutt 1.0pre3i In-Reply-To: <200001131743.e0DHhAw70607@gratis.grondar.za> Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, Jan 13, 2000 at 07:43:09PM +0200, Mark Murray wrote: > > Once the code has been "declared", are we allowed to change it? IANAL, but to quote amendment #3, the next to last line says: "These notifications are only required for the initial export; there are no notification requirements fro end-users subsequently using the source code." That could be a _LOT_ clearer of course. Regards, --Keith Stevenson-- -- Keith Stevenson System Programmer - Data Center Services - University of Louisville k.stevenson@louisville.edu PGP key fingerprint = 4B 29 A8 95 A8 82 EA A2 29 CE 68 DE FC EE B6 A0 To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jan 13 11:37:23 2000 Delivered-To: freebsd-audit@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133]) by hub.freebsd.org (Postfix) with ESMTP id 005F11560D for ; Thu, 13 Jan 2000 11:37:03 -0800 (PST) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by gratis.grondar.za (8.10.0.Beta6/8.10.0.Beta6) with ESMTP id e0DJagw71253; Thu, 13 Jan 2000 21:36:47 +0200 (SAST) Message-Id: <200001131936.e0DJagw71253@gratis.grondar.za> To: "Jordan K. Hubbard" Cc: audit@freebsd.org Subject: Re: We need to do an audit of our "crypto", both current and planned. References: <39393.947786197@zippy.cdrom.com> In-Reply-To: <39393.947786197@zippy.cdrom.com> ; from "Jordan K. Hubbard" "Thu, 13 Jan 2000 09:56:37 PST." Date: Thu, 13 Jan 2000 21:36:38 +0200 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > > I'm nervous ("paranoid") that "declared" code is somehow set in stone, > > er, red tape, and needs to be "re-declared" after any change. > > I appreciate this, but I certainly don't see anything in the agreement > so far which implies this, and I would expect some far more vocal and > far richer open source players to scream blue murder over this if it > were a one-off deal on the declaration. Everyone involved has got to > know that the code changes too rapidly to make any other approach > practical. Rapid change is something that us "open-sourcers" understand well. Congresscritters understand dusty tomes sitting on shelves with no changes. As long as change is somewhere written for the lawman to see, I reckon I'm happy :-) M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message From owner-freebsd-audit Thu Jan 13 11:39:22 2000 Delivered-To: freebsd-audit@freebsd.org Received: from gratis.grondar.za (gratis.grondar.za [196.7.18.133]) by hub.freebsd.org (Postfix) with ESMTP id 726D714D1F for ; Thu, 13 Jan 2000 11:39:17 -0800 (PST) (envelope-from mark@grondar.za) Received: from grondar.za (localhost [127.0.0.1]) by gratis.grondar.za (8.10.0.Beta6/8.10.0.Beta6) with ESMTP id e0DJcbw71281; Thu, 13 Jan 2000 21:38:37 +0200 (SAST) Message-Id: <200001131938.e0DJcbw71281@gratis.grondar.za> To: Keith Stevenson Cc: "Jordan K. Hubbard" , audit@freebsd.org Subject: Re: We need to do an audit of our "crypto", both current and planned. References: <20000113134000.A66534@osaka.louisville.edu> In-Reply-To: <20000113134000.A66534@osaka.louisville.edu> ; from Keith Stevenson "Thu, 13 Jan 2000 13:40:00 EST." Date: Thu, 13 Jan 2000 21:38:37 +0200 From: Mark Murray Sender: owner-freebsd-audit@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG > On Thu, Jan 13, 2000 at 07:43:09PM +0200, Mark Murray wrote: > > > > Once the code has been "declared", are we allowed to change it? > > IANAL, but to quote amendment #3, the next to last line says: > > "These notifications are only required for the initial export; there are no > notification requirements fro end-users subsequently using the source code." Right! What about the programmer trivially turning DES (56-bit) into triple-DES (112-bit)? It that thought doesn't cause conniptions, I'm cool. M -- Mark Murray Join the anti-SPAM movement: http://www.cauce.org To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-audit" in the body of the message