From owner-freebsd-security@FreeBSD.ORG Mon Apr 13 03:40:14 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 1CA4D71F for ; Mon, 13 Apr 2015 03:40:14 +0000 (UTC) Received: from rampage.init4.org (unknown [IPv6:2400:8900::f03c:91ff:fe33:3723]) by mx1.freebsd.org (Postfix) with ESMTP id CE620253 for ; Mon, 13 Apr 2015 03:40:12 +0000 (UTC) Received: from ruxcon.org.au (li1009-6.members.linode.com [45.33.59.6]) by rampage.init4.org (Postfix) with ESMTPS id A27F2E699 for ; Mon, 13 Apr 2015 03:40:11 +0000 (UTC) Received: by ruxcon.org.au (Postfix, from userid 110) id 8246410923; Mon, 13 Apr 2015 03:40:10 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ruxcon.org.au; s=mail; t=1428896410; bh=UNV5fDjcuVlPe2q1/F4mjztd1kwF/b/GFbYuUMDnl2M=; h=Subject:From:To:Date:From; b=HFT7Er/ocu5SHLCDaztVWTjlvWlb4V5k4l0cyPG0ijBe5wy9+hRxPvcGuf6RkyCo6 wwzmnalRadJJS9l0sS5qeLqKt8nO1EPchkOzU1BWGAB+qjr1zRyJljCr4OqYrwmm3g M36660VuUUZdCMZ5kh04XjT0Hu4Iy4VLMRcgWXy4= X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on ruxcon.org.au X-Spam-Level: X-Spam-Status: No, score=-0.9 required=5.0 tests=ALL_TRUSTED,BAYES_00, HTML_MESSAGE,HTML_TAG_BALANCE_BODY,HTML_TAG_BALANCE_HEAD,T_DKIM_INVALID autolearn=disabled version=3.4.0 Received: from ruxcon.org.au (localhost [127.0.0.1]) by ruxcon.org.au (Postfix) with ESMTP id 8988A1092D for ; Mon, 13 Apr 2015 03:40:04 +0000 (UTC) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/simple; d=ruxcon.org.au; s=mail; t=1428896404; bh=UNV5fDjcuVlPe2q1/F4mjztd1kwF/b/GFbYuUMDnl2M=; h=Subject:From:To:Date:From; b=FPjLuQu0OF4A8f93mrnXK5lA+wBHbiucvpWxRULvnQD5LLaUiWgxOU71BBilY6RQM R99+Vqj9h8BiMqg15kuA6yhnUH90Jk9C7TJC4RhsqlHtfL3cpsDN3wOiCy1jeA7arD p+YFX5La3cfki5A7ObXczUAfa1lwbPNXAsh72moI= MIME-Version: 1.0 Subject: Ruxcon 2015 Call For Presentations From: cfp@ruxcon.org.au To: freebsd-security@freebsd.org Date: Mon, 13 Apr 2015 03:40:04 +0000 Message-Id: <20150413034004.8988A1092D@ruxcon.org.au> X-Mailman-Approved-At: Mon, 13 Apr 2015 12:03:17 +0000 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Content-Filtered-By: Mailman/MimeDel 2.1.18-1 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.18-1 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 13 Apr 2015 03:40:14 -0000 Ruxcon 2015 Call For Presentations Melbourne, Australia, October 24-25 CQ Function Centre http://www.ruxcon.org.au The Ruxcon team is pleased to announce the first round of Call For Presentations for Ruxcon 2015. This year the conference will take place over the weekend of the 24th and 25th of October at the CQ Function Centre, Melbourne, Australia. The deadline for submissions is the 30th of June, 2015. .[x]. About Ruxcon .[x]. Ruxcon is ia premier technical computer security conference in the Australia. The conference aims to bring together the individual talents of the best and brightest security folk in the region, through live presentations, activities and demonstrations. The conference is held over two days in a relaxed atmosphere, allowing attendees to enjoy themselves whilst networking within the community and expanding their knowledge of security. Live presentations and activities will cover a full range of defensive and offensive security topics, varying from previously unpublished research to required reading for the security community. .[x]. Important Dates .[x]. June 30 - Call For Presentations Close October 22-23 - Breakpoint Conference October 24-25 - Ruxcon Conference .[x]. Topic Scope .[x]. o Topics of interest include, but are not limited to: o Mobile Device Security o Virtualization, Hypervisor, and Cloud Security o Malware Analysis o Reverse Engineering o Exploitation Techniques o Rootkit Development o Code Analysis o Forensics and Anti-Forensics o Embedded Device Security o Web Application Security o Network Traffic Analysis o Wireless Network Security o Cryptography and Cryptanalysis o Social Engineering o Law Enforcement Activities o Telecommunications Security (SS7, 3G/4G, GSM, VOIP, etc) .[x]. Submission Guidelines .[x]. In order for us to process your submission we require the following information: 1. Presentation title 2. Detailed summary of your presentation material 3. Name/Nickname 4. Mobile phone number 5. Brief personal biography 6. Description of any demonstrations involved in the presentation 7. Information on where the presentation material has or will be presented before Ruxcon To submit a presentation please use our submission form: http://goo.gl/WXNBvr * As a general guideline, Ruxcon presentations are between 45 and 60 minutes, including question time. .[x]. Contact .[x]. o Email: presentations@ruxcon.org.au o Twitter: @ruxcon From owner-freebsd-security@FreeBSD.ORG Thu Apr 16 19:13:58 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id 06D592E6 for ; Thu, 16 Apr 2015 19:13:58 +0000 (UTC) Received: from sessmg22.ericsson.net (sessmg22.ericsson.net [193.180.251.58]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 5EBF7B59 for ; Thu, 16 Apr 2015 19:13:56 +0000 (UTC) X-AuditID: c1b4fb3a-f79146d0000070a3-1a-55300663b9b5 Received: from ESESSHC016.ericsson.se (Unknown_Domain [153.88.253.124]) by sessmg22.ericsson.net (Symantec Mail Security) with SMTP id C1.E1.28835.36600355; Thu, 16 Apr 2015 20:58:43 +0200 (CEST) Received: from ESESSMB309.ericsson.se ([169.254.9.169]) by ESESSHC016.ericsson.se ([153.88.183.66]) with mapi id 14.03.0210.002; Thu, 16 Apr 2015 20:58:43 +0200 From: =?iso-8859-1?Q?K=E1roly_Arnhoffer?= To: "freebsd-security@freebsd.org" Subject: setgid ssh-agent Thread-Topic: setgid ssh-agent Thread-Index: AdB4dpMMZI+kQKoTQo6vLDjk6ciJlg== Date: Thu, 16 Apr 2015 18:58:42 +0000 Message-ID: <08700910B5A5E84EB1D9B4504501B63D0FB0276D@ESESSMB309.ericsson.se> Accept-Language: en-US Content-Language: en-US X-MS-Has-Attach: X-MS-TNEF-Correlator: x-originating-ip: [153.88.183.150] MIME-Version: 1.0 X-Brightmail-Tracker: H4sIAAAAAAAAA+NgFrrOLMWRmVeSWpSXmKPExsUyM+JvjW4ym0Gowf1/uhY9m56wOTB6zPg0 nyWAMYrLJiU1J7MstUjfLoEr4/q0xYwFPxUrvj25y9zAOFuui5GDQ0LAROL8kdouRk4gU0zi wr31bF2MXBxCAkcZJVpnnmSGcJYwSqyc3skKUsUm4CnR1HkczBYRcJTYPe86O4gtLCAp0bbw GztEXE6i/dszKFtP4velX2A2i4CqxLSHLxhBbF4BX4mbj2eCzWEE2vz91BomEJtZQFzi1pP5 TBAXCUgs2XOeGcIWlXj5+B8rhK0ksWL7JUaI+nyJS92bmSBmCkqcnPmEZQKj0Cwko2YhKZuF pAwiridxY+oUNghbW2LZwtfMELauxIx/h1iQxRcwsq9iFC1OLS7OTTcy0kstykwuLs7P08tL LdnECIyJg1t+W+1gPPjc8RCjAAejEg+vQod+qBBrYllxZe4hRmkOFiVxXjvjQyFCAumJJanZ qakFqUXxRaU5qcWHGJk4OKUaGGMWWbPOaTXbl17fcvXnCjazB88YOFat9HGfHLZ54WyNTjdH 1dTn9WVP763ccP71pue/4vdvs3/YMift79bVd5s+Oro9Y8kRuKj4Xa1+vtS/6/NelNvP3Cbw M/4F0//PFRtrA0177/xY8EXb70THrYWxm+dGh4nl+GvuKJkVHnBWyPjfp2WbpTcqsRRnJBpq MRcVJwIAjVhuRmoCAAA= Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable X-Content-Filtered-By: Mailman/MimeDel 2.1.20 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 16 Apr 2015 19:13:58 -0000 Hi, As I can see OpenSSH's ssh-agent is not setgid as it is for example in all = the Linux distributions I know. They say ssh-agent is needed to be setgid to a group that owns nothing so t= hat it can be safe from ptrace. It seems to me that ptrace is functionally = the same in FreeBSD as well, even thoug, ssh-agent is not setgid. Some links about the topic: http://unix.stackexchange.com/questions/141082/why-ssh-agent-group-ownershi= p-is-not-root http://serverfault.com/questions/290920/why-does-ssh-agent-have-sgid-set http://comments.gmane.org/gmane.linux.debian.devel.ssh/59 In my FreeBSD 10.1-RELEASE the stock ssh-agent is owned by root:wheel and n= ot setgid. Why? Thanks! Karoly From owner-freebsd-security@FreeBSD.ORG Sat Apr 18 13:52:40 2015 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1.2 with cipher AECDH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTPS id BECA868F for ; Sat, 18 Apr 2015 13:52:40 +0000 (UTC) Received: from mail-ig0-x229.google.com (mail-ig0-x229.google.com [IPv6:2607:f8b0:4001:c05::229]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (Client CN "smtp.gmail.com", Issuer "Google Internet Authority G2" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 8D28671 for ; Sat, 18 Apr 2015 13:52:40 +0000 (UTC) Received: by iget9 with SMTP id t9so40906316ige.1 for ; Sat, 18 Apr 2015 06:52:40 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=myconan.net; s=myconan; h=mime-version:in-reply-to:references:from:date:message-id:subject:to :cc:content-type:content-transfer-encoding; bh=dvItjf2hvuRbFCwblH9fKy+/3ObEjeVpR498U090IJI=; b=KhLTkaAbP7US8Uo3TwFfj0oRXjn0iMi718UCxA+yBQSbVS/A+CFRjwNV7OmZl8GyX9 uHWjhyJyMelTMHbLKxIv+cIbEcVHe82kMV6BT3asulNA6frmny3asGf9bSrw+uMmAo6a WNYmFGf8JrZzgJLW0SlZAUhGH4DDga68zjj6k= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:mime-version:in-reply-to:references:from:date :message-id:subject:to:cc:content-type:content-transfer-encoding; bh=dvItjf2hvuRbFCwblH9fKy+/3ObEjeVpR498U090IJI=; b=APGXD1GuYpyIParC1VgmZQCLqy7UEtwsTBSAcV2szA+5yrVjIsnuRgfGYhtvJOMJbc vPjLmnPGxyRlJZ/3GWCRhLSTdDkLFgDm9DAkvFZ3R6ux1HTXnTE+kIZlh6KQKhaAF6MC UXct+Lg0Jqo4+W67g35xSCttlg/XpWR8Ug7RBGOM6lWRzEz961YMyTAf2L69mHqLP46K WLPNLhkxI0wI5UoTQ/LiinjuzswydtSf1WrZO7KZ1T9e2KX3S5swV3F5b2AjdoE65E/I BaGo88iHTpcZg5JwHWp5KFzq40tMIigpLyLBS4QaVY5clyihC0hKpVDEO6Ne4ABRriPX K0JA== X-Gm-Message-State: ALoCoQnvAMjbubHakdgnRZ02O8ktlTLSCEUmXVb+Zb2Fvy5Q1EKI4CKFc+blBj1gq9WnMPThoi+w X-Received: by 10.50.30.9 with SMTP id o9mr8790153igh.23.1429365159915; Sat, 18 Apr 2015 06:52:39 -0700 (PDT) MIME-Version: 1.0 Received: by 10.64.0.12 with HTTP; Sat, 18 Apr 2015 06:52:09 -0700 (PDT) In-Reply-To: <08700910B5A5E84EB1D9B4504501B63D0FB0276D@ESESSMB309.ericsson.se> References: <08700910B5A5E84EB1D9B4504501B63D0FB0276D@ESESSMB309.ericsson.se> From: Edho Arief Date: Sat, 18 Apr 2015 22:52:09 +0900 Message-ID: Subject: Re: setgid ssh-agent To: =?UTF-8?Q?K=C3=A1roly_Arnhoffer?= Cc: "freebsd-security@freebsd.org" Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: quoted-printable X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 18 Apr 2015 13:52:40 -0000 On Fri, Apr 17, 2015 at 3:58 AM, K=C3=A1roly Arnhoffer wrote: > Hi, > > As I can see OpenSSH's ssh-agent is not setgid as it is for example in al= l the Linux distributions I know. > Just for reference, it's also setgid to a dedicated _sshagnt group in openb= sd.