From owner-freebsd-security@FreeBSD.ORG Sun Aug 10 21:18:33 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7349F37B84A; Sun, 10 Aug 2003 21:17:14 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C6E044B58; Sun, 10 Aug 2003 19:57:06 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h7B2v6Up061281; Sun, 10 Aug 2003 19:57:06 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h7B2v6YJ061278; Sun, 10 Aug 2003 19:57:06 -0700 (PDT) Date: Sun, 10 Aug 2003 19:57:06 -0700 (PDT) Message-Id: <200308110257.h7B2v6YJ061278@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Subject: FreeBSD Security Advisory FreeBSD-SA-03:09.signal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: security-advisories@freebsd.org List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 04:18:33 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:09.signal Security Advisory The FreeBSD Project Topic: Insufficient range checking of signal numbers Category: core Module: sys Announced: 2003-08-10 Affects: All releases of FreeBSD up to and including 4.8-RELEASE-p1, 5.1-RELEASE (but see `Problem Description' below) FreeBSD 4-STABLE prior to the correction date Corrected: 2003-08-10 23:09:28 UTC (RELENG_4) 2003-08-10 23:14:08 UTC (RELENG_5_1) 2003-08-10 23:17:48 UTC (RELENG_5_0) 2003-08-10 23:19:35 UTC (RELENG_4_8) 2003-08-10 23:20:30 UTC (RELENG_4_7) 2003-08-10 23:21:18 UTC (RELENG_4_6) 2003-08-10 23:22:19 UTC (RELENG_4_5) 2003-08-10 23:23:05 UTC (RELENG_4_4) 2003-08-10 23:23:56 UTC (RELENG_4_3) FreeBSD only: YES For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background Signals are a UNIX mechanism for handling asynchronous events such as pressing the terminal interrupt key (e.g. Ctrl-C), job control, memory access violations, I/O completion, and many others. Each signal is assigned a positive number. There are a number of mechanisms by which a process may cause a signal to be sent, including using the kill(2) system call or registering with certain device drivers. II. Problem Description Some mechanisms for causing a signal to be sent did not properly validate the signal number, in some cases allowing the kernel to attempt to deliver a negative or out-of-range signal number. Such errors were present in the ptrace(2) system call and the `spigot' video capture device driver. The error in ptrace(2) was introduced in FreeBSD version 4.2-RELEASE (4-STABLE dated Oct 26 04:34:41 2000 UTC). The `spigot' device driver (including the error) was introduced in FreeBSD 2.0.5. It has never been included in the kernel installed by default, nor in the GENERIC kernel configuration. Only systems with `device spigot' added to the kernel configuration are affected by this instance of the error. III. Impact In most cases, attempted delivery of a negative or out-of-range signal number will trigger an assertion failure and panic, thereby crashing the system. A malicious local user could use this vulnerability as a local denial-of-service attack. However, in FreeBSD 5.x, the assertion code is not present if the `INVARIANTS' kernel option is not used. In FreeBSD 5.0-RELEASE and 5.1-RELEASE, `INVARIANTS' is not enabled by default. In this configuration, a malicious local user could use this vulnerability to modify kernel memory, potentially leading to complete system compromise. (FreeBSD 4.x is not vulnerable in this way.) IV. Workaround There is no workaround for the local denial-of-service attack. The more severe impact, present only in FreeBSD 5.x systems, can be avoided by uncommenting or adding the `INVARIANTS' line to your kernel configuration: options INVARIANTS #Enable calls of extra sanity checking Recompile your kernel as described in and reboot the system. NOTE WELL: This workaround is only for FreeBSD 5.x systems. This workaround does not eliminate the possibility of a local denial-of-service attack. V. Solution 1) Upgrade your vulnerable system to 4.8-STABLE, or to any of the RELENG_4_8 (4.8-RELEASE-p2), RELENG_4_7 (4.7-RELEASE-p12), or RELENG_5_1 (5.1-RELEASE-p1) security branches dated after the respective correction dates. 2) To patch your present system: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 5.1-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch.asc [FreeBSD 5.0-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch.asc [FreeBSD 4.8-RELEASE, 4.8-STABLE, 4.7-STABLE dated Jan 2 20:39:13 2003 UTC or later] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch.asc [FreeBSD 4.3-RELEASE through 4.7-RELEASE, 4.7-STABLE dated before Jan 2 20:39:13 2003 UTC] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- src/sys/UPDATING RELENG_5_1 1.251.2.2 RELENG_5_0 1.229.2.15 RELENG_4_8 1.73.2.80.2.4 RELENG_4_7 1.73.2.74.2.15 RELENG_4_6 1.73.2.68.2.43 RELENG_4_5 1.73.2.50.2.45 RELENG_4_4 1.73.2.43.2.46 RELENG_4_3 1.73.2.28.2.33 src/sys/conf/newvers.sh RELENG_5_1 1.50.2.3 RELENG_5_0 1.48.2.10 RELENG_4_8 1.44.2.29.2.3 RELENG_4_7 1.44.2.26.2.14 RELENG_4_6 1.44.2.23.2.32 RELENG_4_5 1.44.2.20.2.29 RELENG_4_4 1.44.2.17.2.37 RELENG_4_3 1.44.2.14.2.23 src/sys/i386/isa/spigot.c RELENG_4 1.44.2.1 RELENG_5_1 1.58.2.1 RELENG_5_0 1.55.2.1 RELENG_4_8 1.44.14.1 RELENG_4_7 1.44.12.1 RELENG_4_6 1.44.10.1 RELENG_4_5 1.44.8.1 RELENG_4_4 1.44.6.1 RELENG_4_3 1.44.4.1 src/sys/kern/sys_process.c RELENG_4 1.51.2.7 RELENG_5_1 1.108.2.1 RELENG_5_0 1.104.2.1 RELENG_4_8 1.51.2.6.2.1 RELENG_4_7 1.51.2.4.2.1 RELENG_4_6 1.51.2.3.4.1 RELENG_4_5 1.51.2.3.2.1 RELENG_4_4 1.51.2.1.4.2 RELENG_4_3 1.51.2.1.2.2 src/sys/kern_sig.c RELENG_5_1 1.239.2.1 RELENG_5_0 1.197.2.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/Nt6VFdaIBMps37IRAs/0AJ9qtj0Cv+y3QjUZXrFDQx00oTv+AwCgnys1 p3OHIN16XjGz8OhmjF1nWKM= =tnsF -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Sun Aug 10 21:19:08 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 163D237B8F5; Sun, 10 Aug 2003 21:18:03 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id BD44544B63; Sun, 10 Aug 2003 19:57:13 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h7B2vDUp061323; Sun, 10 Aug 2003 19:57:13 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h7B2vDq7061320; Sun, 10 Aug 2003 19:57:13 -0700 (PDT) Date: Sun, 10 Aug 2003 19:57:13 -0700 (PDT) Message-Id: <200308110257.h7B2vDq7061320@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Subject: FreeBSD Security Advisory FreeBSD-SA-03:10.ibcs2 X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: security-advisories@freebsd.org List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 04:19:10 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:10.ibcs2 Security Advisory The FreeBSD Project Topic: Kernel memory disclosure via ibcs2 Category: core Module: sys Announced: 2003-08-10 Credits: David Rhodus Affects: All FreeBSD releases up to and including 4.8-RELEASE-p2, 5.1-RELEASE-p1 Corrected: 2003-08-10 23:30:18 UTC (RELENG_4) 2003-08-10 23:28:16 UTC (RELENG_5_1) 2003-08-10 23:29:10 UTC (RELENG_5_0) 2003-08-10 23:31:11 UTC (RELENG_4_8) 2003-08-10 23:31:51 UTC (RELENG_4_7) 2003-08-10 23:32:22 UTC (RELENG_4_6) 2003-08-10 23:32:44 UTC (RELENG_4_5) 2003-08-10 23:33:18 UTC (RELENG_4_4) 2003-08-10 23:33:50 UTC (RELENG_4_3) 2003-08-10 23:35:21 UTC (RELENG_3) FreeBSD only: YES For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . I. Background FreeBSD contains a kernel option (IBCS2) and kernel loadable module (ibcs2.ko) that provide system call translation for running Intel Binary Compatibility Specification 2 (iBCS2) compliant programs. It is not enabled in FreeBSD by default. II. Problem Description The iBCS2 system call translator for statfs(2) erroneously used the user-supplied length parameter when copying a kernel data structure into userland. If the length parameter were larger than required, then instead of copying only the statfs-related data structure, additional kernel memory would also be made available to the user. III. Impact If iBCS2 support were enabled, a malicious user could call the iBCS2 version of statfs(2) with an arbitrarily large length parameter, causing the kernel to return a large portion of kernel memory. Such memory might contain sensitive information, such as portions of the file cache or terminal buffers. This information might be directly useful, or it might be leveraged to obtain elevated privileges in some way. For example, a terminal buffer might include a user-entered password. iBCS2 support is only present if the system administrator has enabled it by including `option IBCS2' in the kernel configuration file, or loaded it dynamically using kldload(8) or by setting `ibcs2_enable' in rc.conf(5). IV. Workaround Disable iBCS2 support if it is enabled. V. Solution 1) Upgrade your vulnerable system to 4.8-STABLE, or to any of the RELENG_4_8 (4.8-RELEASE-p3), RELENG_4_7 (4.7-RELEASE-p13), or RELENG_5_1 (5.1-RELEASE-p2) security branches dated after the respective correction dates. 2) To patch your present system: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. The following patch has been tested to apply to all FreeBSD 3.x, 4.x, and 5.x releases. # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:10/ibcs2.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:10/ibcs2.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Path Revision Branch - ------------------------------------------------------------------------- src/UPDATING RELENG_5_1 1.251.2.3 RELENG_5_0 1.229.2.16 RELENG_4_8 1.73.2.80.2.5 RELENG_4_7 1.73.2.74.2.16 RELENG_4_6 1.73.2.68.2.44 RELENG_4_5 1.73.2.50.2.46 RELENG_4_4 1.73.2.43.2.47 RELENG_4_3 1.73.2.28.2.34 src/sys/conf/newvers.sh RELENG_5_1 1.50.2.4 RELENG_5_0 1.48.2.11 RELENG_4_8 1.44.2.29.2.4 RELENG_4_7 1.44.2.26.2.15 RELENG_4_6 1.44.2.23.2.33 RELENG_4_5 1.44.2.20.2.30 RELENG_4_4 1.44.2.17.2.38 RELENG_4_3 1.44.2.14.2.24 src/sys/i386/ibcs2/ibcs2_stat.c RELENG_4 1.10.2.1 RELENG_5_1 1.21.2.1 RELENG_5_0 1.16.2.2 RELENG_4_8 1.10.14.1 RELENG_4_7 1.10.12.1 RELENG_4_6 1.10.10.1 RELENG_4_5 1.10.8.1 RELENG_4_4 1.10.6.1 RELENG_4_3 1.10.4.1 RELENG_3 1.8.2.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/Nt6YFdaIBMps37IRAtuMAJ4r2aUyHWiYDuUvrVyRlh0n7mF6FQCgmDiw GOMr9asJmVzpRozE11KvtaE= =cLnc -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Sun Aug 10 23:33:16 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E215B37B401 for ; Sun, 10 Aug 2003 23:33:16 -0700 (PDT) Received: from mx1.tekgenesis.net (server1.cluster1.tekgenesis.net [64.235.250.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5625343F85 for ; Sun, 10 Aug 2003 23:33:16 -0700 (PDT) (envelope-from wiz@mx1.tekgenesis.net) Received: by mx1.tekgenesis.net (Postfix, from userid 1000) id 33E11B8B6; Sun, 10 Aug 2003 20:33:16 -1000 (HST) Date: Sun, 10 Aug 2003 20:33:16 -1000 From: Jason Dambrosio To: FreeBSD Security Advisories Message-ID: <20030811063316.GA85000@tekgenesis.net> References: <200308110257.h7B2v6YJ061278@freefall.freebsd.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200308110257.h7B2v6YJ061278@freefall.freebsd.org> User-Agent: Mutt/1.4i Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:09.signal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 06:33:17 -0000 On Sun, Aug 10, 2003 at 07:57:06PM -0700, FreeBSD Security Advisories wrote: > II. Problem Description > > Some mechanisms for causing a signal to be sent did not properly > validate the signal number, in some cases allowing the kernel to > attempt to deliver a negative or out-of-range signal number. Such > errors were present in the ptrace(2) system call and the `spigot' > video capture device driver. > > The error in ptrace(2) was introduced in FreeBSD version 4.2-RELEASE > (4-STABLE dated Oct 26 04:34:41 2000 UTC). ... > IV. Workaround > > There is no workaround for the local denial-of-service attack. Wouldn't a possible workaround be, to load a kld module that would replace the ptrace(2) system call with a patched one? I remember doing such a trick for modifying other system calls using kld modules... Jason From owner-freebsd-security@FreeBSD.ORG Sun Aug 10 23:47:24 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 01DD737B401 for ; Sun, 10 Aug 2003 23:47:24 -0700 (PDT) Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234]) by mx1.FreeBSD.org (Postfix) with SMTP id D81A043F75 for ; Sun, 10 Aug 2003 23:47:22 -0700 (PDT) (envelope-from bms@hysteria.spc.org) Received: (qmail 7704 invoked by uid 5013); 11 Aug 2003 06:44:38 -0000 Date: Mon, 11 Aug 2003 07:44:38 +0100 From: Bruce M Simpson To: Jason Dambrosio Message-ID: <20030811064438.GG31845@spc.org> References: <200308110257.h7B2v6YJ061278@freefall.freebsd.org> <20030811063316.GA85000@tekgenesis.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811063316.GA85000@tekgenesis.net> User-Agent: Mutt/1.4.1i Organization: SPC cc: FreeBSD Security Advisories Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:09.signal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 06:47:24 -0000 On Sun, Aug 10, 2003 at 08:33:16PM -1000, Jason Dambrosio wrote: > Wouldn't a possible workaround be, to load a kld module that would > replace the ptrace(2) system call with a patched one? I remember doing > such a trick for modifying other system calls using kld modules... That isn't really a solution; more of a band-aid. Besides, if someone compromises the system in some other way, they can just remove your module or unload it. Unless you're a big securelevels fan. BMS From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 00:01:03 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9728F37B401 for ; Mon, 11 Aug 2003 00:01:03 -0700 (PDT) Received: from mx1.tekgenesis.net (server1.cluster1.tekgenesis.net [64.235.250.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 31D3243F3F for ; Mon, 11 Aug 2003 00:01:03 -0700 (PDT) (envelope-from wiz@mx1.tekgenesis.net) Received: by mx1.tekgenesis.net (Postfix, from userid 1000) id 36AA2B8B6; Sun, 10 Aug 2003 21:01:03 -1000 (HST) Date: Sun, 10 Aug 2003 21:01:03 -1000 From: Jason Dambrosio To: Bruce M Simpson Message-ID: <20030811070103.GB85000@tekgenesis.net> References: <200308110257.h7B2v6YJ061278@freefall.freebsd.org> <20030811063316.GA85000@tekgenesis.net> <20030811064438.GG31845@spc.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811064438.GG31845@spc.org> User-Agent: Mutt/1.4i cc: FreeBSD Security Advisories Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:09.signal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 07:01:03 -0000 On Mon, Aug 11, 2003 at 07:44:38AM +0100, Bruce M Simpson wrote: > On Sun, Aug 10, 2003 at 08:33:16PM -1000, Jason Dambrosio wrote: > > Wouldn't a possible workaround be, to load a kld module that would > > replace the ptrace(2) system call with a patched one? I remember doing > > such a trick for modifying other system calls using kld modules... > > That isn't really a solution; more of a band-aid. That's exactly why I called it a workaround and not a solution. The primary idea of a workaround being to avoid having downtime for a reboot to patch the kernel until your next scheduled maintence window. > Besides, if someone compromises the system in some other way, they can > just remove your module or unload it. Unless you're a big securelevels fan. If someone compromises the system via some other method, why would they care about unloading a module if they already have root? My point was simply that the advisory said there was no workaround, but I believe you could use this method as a workaround. Jason From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 01:30:13 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A744F37B404 for ; Mon, 11 Aug 2003 01:30:13 -0700 (PDT) Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234]) by mx1.FreeBSD.org (Postfix) with SMTP id 4DBB043FB1 for ; Mon, 11 Aug 2003 01:30:12 -0700 (PDT) (envelope-from bms@hysteria.spc.org) Received: (qmail 10549 invoked by uid 5013); 11 Aug 2003 08:27:28 -0000 Date: Mon, 11 Aug 2003 09:27:28 +0100 From: Bruce M Simpson To: nectar@freebsd.org Message-ID: <20030811082728.GH31845@spc.org> References: <20030811080918.GI25513@spc.org> Mime-Version: 1.0 Content-Type: multipart/mixed; boundary="KDt/GgjP6HVcx58l" Content-Disposition: inline In-Reply-To: <20030811080918.GI25513@spc.org> User-Agent: Mutt/1.4.1i Organization: SPC cc: security@freebsd.org Subject: Re: Kernel build fails (RELENG_4_5) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 08:30:14 -0000 --KDt/GgjP6HVcx58l Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Hi Jacques, list, On Mon, Aug 11, 2003 at 09:09:18AM +0100, Bruce M Simpson wrote: > cc -c -O -pipe -Wall -Wredundant-decls -Wnested-externs -Wstrict-prototypes -Wmissing-prototypes -Wpointer-arith -Winline -Wcast-qual -fformat-extensions -ansi -g -nostdinc -I- -I. -I/usr/src/sys -I/usr/src/sys/../include -I/usr/src/sys/contrib/ipfilter -D_KERNEL -include opt_global.h -elf -mpreferred-stack-boundary=2 /usr/src/sys/kern/sys_process.c > /usr/src/sys/kern/sys_process.c: In function `ptrace': > /usr/src/sys/kern/sys_process.c:338: `data' undeclared (first use in this function) ... > *** Error code 1 This looks like it fixes the buildkernel on RELENG_4_5 branch (attached). BMS --KDt/GgjP6HVcx58l Content-Type: text/plain; charset=us-ascii Content-Disposition: attachment; filename="sys_process.bms.diff" --- sys_process.c.bms Mon Aug 11 09:22:08 2003 +++ sys_process.c Mon Aug 11 09:22:28 2003 @@ -335,7 +335,7 @@ case PT_CONTINUE: case PT_DETACH: /* Zero means do not send any signal */ - if (data < 0 || data > _SIG_MAXSIG) + if (uap->data < 0 || uap->data > _SIG_MAXSIG) return EINVAL; PHOLD(p); --KDt/GgjP6HVcx58l-- From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 01:48:17 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B43A137B401 for ; Mon, 11 Aug 2003 01:48:17 -0700 (PDT) Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234]) by mx1.FreeBSD.org (Postfix) with SMTP id A450A43FB1 for ; Mon, 11 Aug 2003 01:48:16 -0700 (PDT) (envelope-from bms@hysteria.spc.org) Received: (qmail 10983 invoked by uid 5013); 11 Aug 2003 08:45:32 -0000 Date: Mon, 11 Aug 2003 09:45:32 +0100 From: Bruce M Simpson To: nectar@freebsd.org Message-ID: <20030811084532.GI31845@spc.org> References: <20030811080918.GI25513@spc.org> <20030811082728.GH31845@spc.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811082728.GH31845@spc.org> User-Agent: Mutt/1.4.1i Organization: SPC cc: security@freebsd.org Subject: Re: Kernel build fails (RELENG_4_5) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 08:48:18 -0000 My bad. I thought I'd updated this box to RELENG_4_5. Obviously this is down to lack of sleep. This all applied to RELENG_4_4. Sorry folks! BMS On Mon, Aug 11, 2003 at 09:27:28AM +0100, Bruce M Simpson wrote: > This looks like it fixes the buildkernel on RELENG_4_5 branch (attached). From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 03:11:23 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9896C37B401 for ; Mon, 11 Aug 2003 03:11:23 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id D5D7643F85 for ; Mon, 11 Aug 2003 03:11:22 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 6CFDB5482B; Mon, 11 Aug 2003 05:11:22 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id 015F56D461; Mon, 11 Aug 2003 05:11:21 -0500 (CDT) Date: Mon, 11 Aug 2003 05:11:21 -0500 From: "Jacques A. Vidrine" To: Bruce M Simpson Message-ID: <20030811101121.GA36165@madman.celabo.org> References: <20030811080918.GI25513@spc.org> <20030811082728.GH31845@spc.org> <20030811084532.GI31845@spc.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811084532.GI31845@spc.org> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: security@freebsd.org Subject: Re: Kernel build fails (RELENG_4_5) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 10:11:23 -0000 On Mon, Aug 11, 2003 at 09:45:32AM +0100, Bruce M Simpson wrote: > My bad. I thought I'd updated this box to RELENG_4_5. Obviously this is > down to lack of sleep. This all applied to RELENG_4_4. Sorry folks! No, it looks like I applied the wrong patch to RELENG_4[34567] :-/ Too many branches! :-) Fixing now. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 03:23:29 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3935037B401 for ; Mon, 11 Aug 2003 03:23:29 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B8B043F85 for ; Mon, 11 Aug 2003 03:23:28 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 0CD425482B; Mon, 11 Aug 2003 05:23:28 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id A17166D461; Mon, 11 Aug 2003 05:23:27 -0500 (CDT) Date: Mon, 11 Aug 2003 05:23:27 -0500 From: "Jacques A. Vidrine" To: Jason Dambrosio Message-ID: <20030811102327.GB36165@madman.celabo.org> References: <200308110257.h7B2v6YJ061278@freefall.freebsd.org> <20030811063316.GA85000@tekgenesis.net> <20030811064438.GG31845@spc.org> <20030811070103.GB85000@tekgenesis.net> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811070103.GB85000@tekgenesis.net> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: FreeBSD Security Advisories Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:09.signal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 10:23:29 -0000 On Sun, Aug 10, 2003 at 09:01:03PM -1000, Jason Dambrosio wrote: > My point was simply that the advisory said there was no workaround, > but I believe you could use this method as a workaround. In the advisories, I try to point out practical workarounds for end-users. I don't have a ptrace(2)-replacing KLD handy for all branches and configurations. Interesting thought, though. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 03:25:07 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9F2D037B405 for ; Mon, 11 Aug 2003 03:25:07 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 15C6943FD7 for ; Mon, 11 Aug 2003 03:25:06 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 09B0F5482B; Mon, 11 Aug 2003 05:25:05 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id BAC1B6D461; Mon, 11 Aug 2003 05:25:04 -0500 (CDT) Date: Mon, 11 Aug 2003 05:25:04 -0500 From: "Jacques A. Vidrine" To: Bruce M Simpson , Anil Message-ID: <20030811102504.GC36165@madman.celabo.org> References: <20030811080918.GI25513@spc.org> <20030811082728.GH31845@spc.org> <20030811084532.GI31845@spc.org> <20030811101121.GA36165@madman.celabo.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811101121.GA36165@madman.celabo.org> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: security@freebsd.org Subject: Re: Kernel build fails (RELENG_4_5) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 10:25:08 -0000 On Mon, Aug 11, 2003 at 05:11:21AM -0500, Jacques A. Vidrine wrote: > On Mon, Aug 11, 2003 at 09:45:32AM +0100, Bruce M Simpson wrote: > > My bad. I thought I'd updated this box to RELENG_4_5. Obviously this is > > down to lack of sleep. This all applied to RELENG_4_4. Sorry folks! > > No, it looks like I applied the wrong patch to RELENG_4[34567] :-/ > Too many branches! :-) > > Fixing now. Somehow last night I screwed up with RELENG_4_[67]... the others were OK. Sorry for any inconvenience, folks! Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 04:18:39 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3633337B401 for ; Mon, 11 Aug 2003 04:18:39 -0700 (PDT) Received: from mail.procreditbank.com (mail.procreditbank.com [212.95.179.198]) by mx1.FreeBSD.org (Postfix) with SMTP id 7C90E43FA3 for ; Mon, 11 Aug 2003 04:18:37 -0700 (PDT) (envelope-from i.tanusheff@procreditbank.com) Received: (qmail 20878 invoked from network); 11 Aug 2003 11:18:33 -0000 Received: from unknown (HELO itaush) (172.16.248.250) by proxy.procreditbank.bg with SMTP; 11 Aug 2003 11:18:33 -0000 From: "Ivailo Tanusheff" To: "FreeBSD Questions" , "FreeBSD Security" Date: Mon, 11 Aug 2003 14:18:33 +0300 Organization: ProCredit Bank Message-ID: <044701c35ffa$4d357e80$faf810ac@sof.procreditbank.bg> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ASCII" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Subject: mail dublicate X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: I.Tanusheff@procreditbank.com List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 11:18:39 -0000 Hi, I have a problem - we need to make a copy of every e-mail send to and from our users, so we can track any flow of information. How may I achieve this with qmail? Thank you in advantage, Ivailo Tanusheff From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 09:38:33 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DB94837B401 for ; Mon, 11 Aug 2003 09:38:33 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1B38343FBF for ; Mon, 11 Aug 2003 09:38:33 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h7BGcCAL065492; Mon, 11 Aug 2003 12:38:12 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h7BGcB8X065489; Mon, 11 Aug 2003 12:38:12 -0400 (EDT) Date: Mon, 11 Aug 2003 12:38:11 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Jason Dambrosio In-Reply-To: <20030811063316.GA85000@tekgenesis.net> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: FreeBSD Security Advisories Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:09.signal X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 16:38:34 -0000 On Sun, 10 Aug 2003, Jason Dambrosio wrote: > > IV. Workaround > > > > There is no workaround for the local denial-of-service attack. > > Wouldn't a possible workaround be, to load a kld module that would > replace the ptrace(2) system call with a patched one? I remember doing > such a trick for modifying other system calls using kld modules... Yes; it should be fairly trivial to write a kernel module that modifies the system call vector to wrap the current ptrace() and performs extra run-time argument checking. Off-hand, I don't remember if the ptrace() argument in question involves an extra copyin() -- if so, a competent attacker could race the system call wrapper, but if not, it should be pretty secure. I was thinking about writing one while driving to work today; I may get around to it this evening sometime, unless someone else gets there first. I know we support ptrace() in the Linux emulation on -current (maybe also -stable) -- I'm not sure if you'd also need to wrap that interface or not. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 13:28:43 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 11A3B37B404 for ; Mon, 11 Aug 2003 13:28:43 -0700 (PDT) Received: from marklar.blazingdot.com (marklar.blazingdot.com [207.154.84.83]) by mx1.FreeBSD.org (Postfix) with SMTP id 39DA243F93 for ; Mon, 11 Aug 2003 13:28:42 -0700 (PDT) (envelope-from marcus@blazingdot.com) Received: (qmail 32206 invoked by uid 503); 11 Aug 2003 20:28:42 -0000 Date: Mon, 11 Aug 2003 13:28:42 -0700 From: Marcus Reid To: Lowell Gilbert Message-ID: <20030811202841.GA29452@blazingdot.com> References: <44llu6v432.fsf@be-well.ilk.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <44llu6v432.fsf@be-well.ilk.org> X-Coffee-Level: nearly-fatal User-Agent: Mutt/1.5.4i cc: freebsd@critesclan.com cc: freebsd-security@freebsd.org Subject: Re: statically compiled files left over after a 'make world' X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 20:28:43 -0000 On Wed, Aug 06, 2003 at 06:00:49PM -0400, Lowell Gilbert wrote: > writes: > > > I'm not sure if there is a "deal" to be made over this, but the question > > still remains. What do you do with those programs that have not been rebuilt > > in a buildworld? Are they security risks? Are they simply things missed in > > the make, and someone needs to add them in? > > > > The impression I have is that anything not rebuilt after the above process > > is an error condition that should be addressed. Am I wrong? > > With a couple of exceptions, you're right. The exceptions, however, > are important. One is programs that weren't in the base system to > begin with; there are again two types of these: those that have been > mistakenly installed to base system directories (this occasionally > happens with broken ports), and /stand, which is installed by the > initial install but is not part of the base system (if you want an > updated version, you have to build it separately). The other > exception is things that *used* to be in the base system, but have > been removed. These (an example is kernfs support) can be safely > removed, but there is currently no mechanism to do so automatically. It's a fairly time-consuming process, but on occasion I like to do a 'make world DESTDIR=$D' where D is an optional install root, and then compare the resulting tree with the real root and remove any cruft that might be laying around. AFAIK this is the only way to accomplish this. Marcus From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 14:08:28 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5F06A37B401 for ; Mon, 11 Aug 2003 14:08:28 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id F119343FAF for ; Mon, 11 Aug 2003 14:08:27 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 6978B15256; Mon, 11 Aug 2003 14:08:27 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 656E01524D for ; Mon, 11 Aug 2003 14:08:27 -0700 (PDT) Date: Mon, 11 Aug 2003 14:08:27 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org Message-ID: <20030811133749.U27196@fubar.adept.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 21:08:28 -0000 First, I hope that this message is not considered flame bait. As someone who has used FreeBSD for for 5+ years now, I have a genuine interest in the integrity of our source code. Second, I hope that this message is not taken as any form of insult or finger pointing. Software without bugs does not exist, and I think we all know that. Acknowledging that point and working to mitigate the risks associated with it would seem to be our only real option. That said, every time something like the recent realpath(3) issue comes to light, I find myself asking why I haven't at least tried to do more to review our source code or (more desirable) enable 3rd-party audits. My question is... If enabling a 3rd-party audit for some target release (5.3+ I'd assume) is desirable, what would be needed money-, time- and other-wise? I'm willing to invest both time and money to make this happen. I'd expect such an endeavor to be tedious and expensive... and, of course, it would really need to be repeated occasionally to be of real value. (Probably, at least, after major version number changes.) However, perhaps doing an audit of the base system now would help our image in the security community? All I know is, despite occasional arguments and rants, I like FreeBSD. As long as it exists, I plan to have it installed... So it is in my best interest to help in any way I can. I know projects like secure/trustedBSD exist, but I am really looking for ways to promote the trust of the base system more than specialized projects/branches. Thoughts? -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 14:12:11 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 470C737B401 for ; Mon, 11 Aug 2003 14:12:11 -0700 (PDT) Received: from amsfep14-int.chello.nl (amsfep14-int.chello.nl [213.46.243.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id B671F43F93 for ; Mon, 11 Aug 2003 14:12:09 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep14-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030811211208.HVVJ15718.amsfep14-int.chello.nl@internal>; Mon, 11 Aug 2003 23:12:08 +0200 From: "Devon H. O'Dell" To: "'Mike Hoskins'" , Date: Mon, 11 Aug 2003 23:11:46 +0200 Organization: SiteTronics Message-ID: <000501c3604d$314639a0$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030811133749.U27196@fubar.adept.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 21:12:11 -0000 I don't have jewels flowing out of my pockets, so to speak, but I'd be interested in contributing time/money in this sort of endeavor as well. = I'm tired of people not taking the stability and security very seriously. Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Mike Hoskins > Verzonden: Monday, August 11, 2003 11:08 PM > Aan: security@freebsd.org > Onderwerp: realpath(3) et al >=20 >=20 > First, I hope that this message is not considered flame bait. As = someone > who has used FreeBSD for for 5+ years now, I have a genuine interest = in > the integrity of our source code. >=20 > Second, I hope that this message is not taken as any form of insult or > finger pointing. Software without bugs does not exist, and I think we = all > know that. Acknowledging that point and working to mitigate the risks > associated with it would seem to be our only real option. >=20 > That said, every time something like the recent realpath(3) issue = comes > to light, I find myself asking why I haven't at least tried to do more = to > review our source code or (more desirable) enable 3rd-party audits. >=20 > My question is... If enabling a 3rd-party audit for some target = release > (5.3+ I'd assume) is desirable, what would be needed money-, time- and > other-wise? I'm willing to invest both time and money to make this > happen. I'd expect such an endeavor to be tedious and expensive... = and, > of course, it would really need to be repeated occasionally to be of = real > value. (Probably, at least, after major version number changes.) > However, perhaps doing an audit of the base system now would help our > image in the security community? >=20 > All I know is, despite occasional arguments and rants, I like FreeBSD. > As long as it exists, I plan to have it installed... So it is in my = best > interest to help in any way I can. I know projects like = secure/trustedBSD > exist, but I am really looking for ways to promote the trust of the = base > system more than specialized projects/branches. >=20 > Thoughts? >=20 > -mrh >=20 > -- > From: "Spam Catcher" > To: spam-catcher@adept.org > Do NOT send email to the address listed above or > you will be added to a blacklist! > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 14:45:40 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EFAE637B401 for ; Mon, 11 Aug 2003 14:45:39 -0700 (PDT) Received: from priv-edtnes61.telusplanet.net (outbound01.telus.net [199.185.220.220]) by mx1.FreeBSD.org (Postfix) with ESMTP id 21BF743F3F for ; Mon, 11 Aug 2003 14:45:39 -0700 (PDT) (envelope-from wwk761@telus.net) Received: from BRZMI ([64.180.100.146]) by priv-edtnes61.telusplanet.net (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with SMTP id <20030811214538.SJBC27895.priv-edtnes61.telusplanet.net@BRZMI>; Mon, 11 Aug 2003 15:45:38 -0600 Message-ID: <000501c36051$e7149890$e901a8c0@BRZMI> From: "Wlodek" To: References: <000501c3604d$314639a0$9f8d2ed5@internal> Date: Mon, 11 Aug 2003 14:45:35 -0700 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: dodell@sitetronics.com Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 21:45:40 -0000 count me in as well /r/ wlodek ----- Original Message ----- From: "Devon H. O'Dell" To: "'Mike Hoskins'" ; Sent: Monday, August 11, 2003 2:11 PM Subject: RE: realpath(3) et al I don't have jewels flowing out of my pockets, so to speak, but I'd be interested in contributing time/money in this sort of endeavor as well. I'm tired of people not taking the stability and security very seriously. Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Mike Hoskins > Verzonden: Monday, August 11, 2003 11:08 PM > Aan: security@freebsd.org > Onderwerp: realpath(3) et al > > > First, I hope that this message is not considered flame bait. As someone > who has used FreeBSD for for 5+ years now, I have a genuine interest in > the integrity of our source code. > > Second, I hope that this message is not taken as any form of insult or > finger pointing. Software without bugs does not exist, and I think we all > know that. Acknowledging that point and working to mitigate the risks > associated with it would seem to be our only real option. > > That said, every time something like the recent realpath(3) issue comes > to light, I find myself asking why I haven't at least tried to do more to > review our source code or (more desirable) enable 3rd-party audits. > > My question is... If enabling a 3rd-party audit for some target release > (5.3+ I'd assume) is desirable, what would be needed money-, time- and > other-wise? I'm willing to invest both time and money to make this > happen. I'd expect such an endeavor to be tedious and expensive... and, > of course, it would really need to be repeated occasionally to be of real > value. (Probably, at least, after major version number changes.) > However, perhaps doing an audit of the base system now would help our > image in the security community? > > All I know is, despite occasional arguments and rants, I like FreeBSD. > As long as it exists, I plan to have it installed... So it is in my best > interest to help in any way I can. I know projects like secure/trustedBSD > exist, but I am really looking for ways to promote the trust of the base > system more than specialized projects/branches. > > Thoughts? > > -mrh > > -- > From: "Spam Catcher" > To: spam-catcher@adept.org > Do NOT send email to the address listed above or > you will be added to a blacklist! > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 14:53:09 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8ECE637B401 for ; Mon, 11 Aug 2003 14:53:09 -0700 (PDT) Received: from smtp.sw.oz.au (alt.aurema.com [203.217.18.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 74B5943F3F for ; Mon, 11 Aug 2003 14:53:07 -0700 (PDT) (envelope-from vance@aurema.com) Received: from smtp.sw.oz.au (localhost [127.0.0.1]) by smtp.sw.oz.au with ESMTP id h7BLqnFS021191; Tue, 12 Aug 2003 07:52:49 +1000 (EST) Received: (from vance@localhost) by smtp.sw.oz.au id h7BLqlr2021080; Tue, 12 Aug 2003 07:52:47 +1000 (EST) Date: Tue, 12 Aug 2003 07:52:47 +1000 From: Christopher Vance To: Marcus Reid Message-ID: <20030811215247.GA14202@aurema.com> References: <44llu6v432.fsf@be-well.ilk.org> <20030811202841.GA29452@blazingdot.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811202841.GA29452@blazingdot.com> User-Agent: Mutt/1.4.1i X-Scanned-By: MIMEDefang 2.33 (www . roaringpenguin . com / mimedefang) cc: freebsd@critesclan.com cc: freebsd-security@freebsd.org Subject: Re: statically compiled files left over after a 'make world' X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 21:53:09 -0000 On Mon, Aug 11, 2003 at 01:28:42PM -0700, Marcus Reid wrote: : It's a fairly time-consuming process, but on occasion I like to : do a 'make world DESTDIR=$D' where D is an optional install root, : and then compare the resulting tree with the real root and remove : any cruft that might be laying around. AFAIK this is the only way : to accomplish this. I thinks it's the only way currently implemented. One possible solution would be to keep a list in the relevant Makefiles of files to be removed when other things are installed. Once the bsd.* implementation is there, it should often be matter of moving things from one macro to another when something is removed. I don't think it's actually worth the effort to do right, so rather than doing it right, right now, I'll keep doing it the way you described above. -- Christopher Vance From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 15:33:25 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4558737B401 for ; Mon, 11 Aug 2003 15:33:25 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-107-97.dsl.lsan03.pacbell.net [64.169.107.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id 80CC643F75 for ; Mon, 11 Aug 2003 15:33:24 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id 3D69A66BE5; Mon, 11 Aug 2003 15:33:24 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 130877A8; Mon, 11 Aug 2003 15:33:24 -0700 (PDT) Date: Mon, 11 Aug 2003 15:33:24 -0700 From: Kris Kennaway To: Mike Hoskins Message-ID: <20030811223323.GA43868@rot13.obsecurity.org> References: <20030811133749.U27196@fubar.adept.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="45Z9DzgjV8m4Oswq" Content-Disposition: inline In-Reply-To: <20030811133749.U27196@fubar.adept.org> User-Agent: Mutt/1.4.1i cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 22:33:25 -0000 --45Z9DzgjV8m4Oswq Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Mon, Aug 11, 2003 at 02:08:27PM -0700, Mike Hoskins wrote: > My question is... If enabling a 3rd-party audit for some target release > (5.3+ I'd assume) is desirable, what would be needed money-, time- and > other-wise? I'm willing to invest both time and money to make this > happen. I'd expect such an endeavor to be tedious and expensive... and, > of course, it would really need to be repeated occasionally to be of real > value. (Probably, at least, after major version number changes.) > However, perhaps doing an audit of the base system now would help our > image in the security community? Help with auditing is always welcomed. See the freebsd-audit mailing list. Kris --45Z9DzgjV8m4Oswq Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/OBmzWry0BWjoQKURAhUkAKC9LP+td0lASSNE/GkKnbM8NZ/CoQCfYC9c JuC+knGcUSiSC9+qwOBkDHE= =dgx+ -----END PGP SIGNATURE----- --45Z9DzgjV8m4Oswq-- From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 15:41:35 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B0E5237B41C for ; Mon, 11 Aug 2003 15:41:27 -0700 (PDT) Received: from rwcrmhc13.comcast.net (rwcrmhc13.comcast.net [204.127.198.39]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9A0E043FE3 for ; Mon, 11 Aug 2003 15:41:09 -0700 (PDT) (envelope-from cristjc@comcast.net) Received: from blossom.cjclark.org (12-234-159-107.client.attbi.com[12.234.159.107](untrusted sender)) by comcast.net (rwcrmhc13) with ESMTP id <20030811224109015006qd2qe>; Mon, 11 Aug 2003 22:41:09 +0000 Received: from blossom.cjclark.org (localhost. [127.0.0.1]) by blossom.cjclark.org (8.12.8p1/8.12.8) with ESMTP id h7BMexJp032620; Mon, 11 Aug 2003 15:40:59 -0700 (PDT) (envelope-from cristjc@comcast.net) Received: (from cjc@localhost) by blossom.cjclark.org (8.12.8p1/8.12.8/Submit) id h7BMes7d032619; Mon, 11 Aug 2003 15:40:54 -0700 (PDT) X-Authentication-Warning: blossom.cjclark.org: cjc set sender to cristjc@comcast.net using -f Date: Mon, 11 Aug 2003 15:40:54 -0700 From: "Crist J. Clark" To: Redmond Militante Message-ID: <20030811224054.GC32225@blossom.cjclark.org> References: <20030808064118.GA64362@darkpossum> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030808064118.GA64362@darkpossum> User-Agent: Mutt/1.4.1i X-URL: http://people.freebsd.org/~cjc/ cc: freebsd-security@freebsd.org Subject: Re: problems with ipfilter on 5.1-RELEASE X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Crist J. Clark" List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 22:41:38 -0000 On Fri, Aug 08, 2003 at 01:41:18AM -0500, Redmond Militante wrote: > hi all > > i'm trying to get ipfilter set up on my new 5.1-RELEASE box. ipfilter > seems to be working fine. i just have a couple of issues that are > probably not very serious... > > one thing is that during network startup at boot, i get the message > IPFilter: already initialized > repeated 4 times. > > i think i have everything configured properly > > my kernel config looks like > > options IPFILTER > options IPFILTER_LOG > options IPFILTER_DEFAULT_BLOCK > > my /etc/rc.conf looks like > > ipfilter_enable="YES" > ipfilter_flags="" > ipfilter_rules="/etc/ipfilter.rules" > ipmon_enable="YES" > ipmon_flags="-Dsvn" IPFilter may be initialized when other network devices and services are started and configured. This might be what you see. Can you provide more of your rc.conf? At the very least, the other networking-related variables. > the other problem i have is that: it now seems that ipmon is logging to > /var/log/messages. i've set up ipfilter successfully on many freebsd > 4x boxes, but this is the first time i've tried to set it up on 5x. > > in my /etc/syslog.conf i have > > local0.* /var/log/firewall_logs > *.notice;local0.none;authpriv.none;kern.debug;lpr.info;mail.crit;news.err > /var/log/messages The default facility for IPFilter was changed to LOG_SECURITY, cvs diff -rRELENG_4 -rRELENG_5_1 src/contrib/ipfilter/Makefile Index: src/contrib/ipfilter/Makefile =================================================================== RCS file: /ncvs/src/contrib/ipfilter/Makefile,v retrieving revision 1.1.1.8.2.6 retrieving revision 1.2 diff -u -r1.1.1.8.2.6 -r1.2 --- src/contrib/ipfilter/Makefile 1 Mar 2003 03:55:50 -0000 1.1.1.8.2.6 +++ src/contrib/ipfilter/Makefile 5 Apr 2003 09:25:19 -0000 1.2 @@ -3,6 +3,7 @@ # # See the IPFILTER.LICENCE file for details on licencing. # +# $FreeBSD: src/contrib/ipfilter/Makefile,v 1.2 2003/04/05 09:25:19 darrenr Exp $ # $Id: Makefile,v 2.11.2.15 2002/12/02 04:22:56 darrenr Exp $ # BINDEST=/usr/local/bin @@ -29,7 +30,7 @@ # # The facility you wish to log messages from ipmon to syslogd with. # -LOGFAC=-DLOGFAC=LOG_LOCAL0 +LOGFAC=-DLOGFAC=LOG_SECURITY # # Uncomment the next 3 lines if you want to view the state table a la top(1) You might want to, --- /export/freebsd/RELENG_5_1/src/etc/syslog.conf Wed Apr 23 06:08:31 2003 +++ syslog.conf Mon Aug 11 15:37:54 2003 @@ -6,7 +6,7 @@ # may want to use only tabs as field separators here. # Consult the syslog.conf(5) manpage. *.err;kern.debug;auth.notice;mail.crit /dev/console -*.notice;authpriv.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages +*.notice;authpriv,security.none;kern.debug;lpr.info;mail.crit;news.err /var/log/messages security.* /var/log/security auth.info;authpriv.info /var/log/auth.log mail.info /var/log/maillog If you wish to stop messages to /var/log/messages. They should already be collecting in /var/log/security. You may wish to change that to firewall_logs if the filename is important to you. -- Crist J. Clark | cjclark@alum.mit.edu | cjclark@jhu.edu http://people.freebsd.org/~cjc/ | cjc@freebsd.org From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 16:14:52 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9836237B401 for ; Mon, 11 Aug 2003 16:14:52 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2983F43F85 for ; Mon, 11 Aug 2003 16:14:52 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 1D58015256; Mon, 11 Aug 2003 16:14:52 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 1C7291524D for ; Mon, 11 Aug 2003 16:14:52 -0700 (PDT) Date: Mon, 11 Aug 2003 16:14:52 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <20030811223323.GA43868@rot13.obsecurity.org> Message-ID: <20030811160014.B60109@fubar.adept.org> References: <20030811133749.U27196@fubar.adept.org> <20030811223323.GA43868@rot13.obsecurity.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 23:14:52 -0000 On Mon, 11 Aug 2003, Kris Kennaway wrote: > Help with auditing is always welcomed. See the freebsd-audit mailing > list. Thanks, Kris... I will browse the -audit archives, and subscribe if I feel I have something to contribute. Since I haven't written any real (read: compiled) source code since CSCE, I have a lot to learn before I can speak on such lists. Beside volunteer efforts (which I think are great, and I'd love to attempt to organize... I liked the ideas others have posted so far), I wonder if it would be useful to use some tool or 3rd-party as well? I specifically mentioned '3rd-party' because conducting such an external audit generally allows you to say 'our code meets the following spec(s)'. Being able to say that may serve a meaningful purpose in certain circles. Obviously, bugs would still exist (and old bugs may reappear over time, as pointed out by Wietse Venema on Bugtraq recently), and reviews would still need to happen... But I believe getting 3rd-party consensus about the 'quality' of our code at a given point in time could be quite useful to the project. I may be off-base; It wouldn't be the first time. It may be just as useful to use some 'industry accepted tool' (probably something commercial, although opensource tools would work if they are used and respected by members of our community) to do scans of the base system. I would think that things like one-off errors would be caught by most code review utilities. Are any of these utilities used now? Has any thought been given to their use? Do developers and/or the core team have general feelings about the usefulness of such utilities? If it's simply a matter of money, I'll start a collection today. Not to give a false impression... I don't have jewels flowing from my pockets either. ;) However, I think of the many things I spend money on... This would be one of the most worthwhile. I would like to invest time as well, but while I'm coming up to speed it is easier to throw money at the problem. I'm glad to see interest in this endeavor -- it is just what I expected. I'm sure anyone here has interest, it is just a matter of figuring out the best way to proceed. We need volunteers, tools and time. My primary concern is ensuring that the result of any work is as immediately useful to the project and our community as possible. -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 16:21:34 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6B59D37B401 for ; Mon, 11 Aug 2003 16:21:34 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id A26A043F3F for ; Mon, 11 Aug 2003 16:21:33 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 370F25482B; Mon, 11 Aug 2003 18:21:33 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id C779B6D461; Mon, 11 Aug 2003 18:21:32 -0500 (CDT) Date: Mon, 11 Aug 2003 18:21:32 -0500 From: "Jacques A. Vidrine" To: Mike Hoskins Message-ID: <20030811232132.GB46629@madman.celabo.org> References: <20030811133749.U27196@fubar.adept.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030811133749.U27196@fubar.adept.org> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 23:21:34 -0000 On Mon, Aug 11, 2003 at 02:08:27PM -0700, Mike Hoskins wrote: > First, I hope that this message is not considered flame bait. As someone > who has used FreeBSD for for 5+ years now, I have a genuine interest in > the integrity of our source code. > > Second, I hope that this message is not taken as any form of insult or > finger pointing. No worries. > Software without bugs does not exist, and I think we all > know that. Acknowledging that point and working to mitigate the risks > associated with it would seem to be our only real option. Yes, we are all agreed here. > That said, every time something like the recent realpath(3) issue comes > to light, I find myself asking why I haven't at least tried to do more to > review our source code or (more desirable) enable 3rd-party audits. More people should ask themselves that :-) One can talk about auditing code, or one can do it. Even in projects where careful auditing has been the primary focus, things get missed. For example, OpenBSD missed this exact same bug and corrected it about the same time as everyone else. > My question is... If enabling a 3rd-party audit for some target release > (5.3+ I'd assume) is desirable, what would be needed money-, time- and > other-wise? People need to read code, that's all. You can share your code reading insights at freebsd-audit@freebsd.org, or if you believe it is sensitive, with security-team@freebsd.org. We _do_ already audit code, you know. FreeBSD-SA-03:09.signal was a result of my auditing, FreeBSD-SA-03:10.ibcs2 was a result of David's auditing. Also, many commits that are just `cleanup' are the result of a kind of `auditing'. What we perhaps lack is coordination. This is not easy in a volunteer environment, but perhaps something as simple as a `scoreboard' with `these files being audited/have been audited by whatsmyname' would be an improvement. On the other hand, in my experience, people are quick to volunteer and slow to follow up --- usually disappearing. :-( Of course, those that do follow up often become committers themselves :-) > I'm willing to invest both time and money to make this > happen. I'd expect such an endeavor to be tedious and expensive... and, > of course, it would really need to be repeated occasionally to be of real > value. (Probably, at least, after major version number changes.) > However, perhaps doing an audit of the base system now would help our > image in the security community? *shrug* I didn't know we had an image problem in the security community. Probably the single most effective way to get an audit done is to read the code :-) Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 16:34:41 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 422CF37B401 for ; Mon, 11 Aug 2003 16:34:41 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id CA08143FAF for ; Mon, 11 Aug 2003 16:34:40 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id BDB6015256; Mon, 11 Aug 2003 16:34:40 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id B99151524D for ; Mon, 11 Aug 2003 16:34:40 -0700 (PDT) Date: Mon, 11 Aug 2003 16:34:40 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <20030811232132.GB46629@madman.celabo.org> Message-ID: <20030811162602.N72549@fubar.adept.org> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 11 Aug 2003 23:34:41 -0000 On Mon, 11 Aug 2003, Jacques A. Vidrine wrote: > More people should ask themselves that :-) One can talk about auditing > code, or one can do it. Point taken. ;) > Even in projects where careful auditing has been the primary focus, > things get missed. For example, OpenBSD missed this exact same bug > and corrected it about the same time as everyone else. I agree, and I find the OBSD bit interesting... Since members of 'their community' often seem to point fingers in certain forums at other distributions for 'not being proactive'. I think we all try to do the best job we can, and I'd often like to be able to tell those types to get off their high horse. :/ > We _do_ already audit code, you know. FreeBSD-SA-03:09.signal was a > result of my auditing, FreeBSD-SA-03:10.ibcs2 was a result of David's > auditing. Also, many commits that are just `cleanup' are the result > of a kind of `auditing'. I suspected as much, but I wasn't aware of specifics. > What we perhaps lack is coordination. This is not easy in a volunteer > environment, but perhaps something as simple as a `scoreboard' with > `these files being audited/have been audited by whatsmyname' would be > an improvement. On the other hand, in my experience, people are quick > to volunteer and slow to follow up --- usually disappearing. :-( Of > course, those that do follow up often become committers themselves :-) Wasn't there a page (maybe there still is...) showing sections of the base system as 'assigned' to certain individuals, with contact info listed? I think it was pretty stale for awhile, but maybe something similar could be revived and maintained. If it already is, great! The scroeboard idea, or any idea that makes coordination easier for everyone, sounds spot on. Are you aware of any open source/free collaboration systems that provide such an interface? Or could you ellaborate a bit more on what you think would be most useful? > *shrug* I didn't know we had an image problem in the security > community. I don't think our image is bad, I'd just like it to be better. > Probably the single most effective way to get an audit done is to read > the code :-) Along those lines, I just ordered a copy of _Code Reading: The Open Source Perspective_ on amazon. It received mixed reviews, and I'm hoping it's a worthy investment. Would anyone else care to recommend books, URLs, etc. that are useful to those interested in audting code? -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Mon Aug 11 18:31:49 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8097537B401 for ; Mon, 11 Aug 2003 18:31:49 -0700 (PDT) Received: from mkultra.w88trigger.com (ca.216.202.162.22.gtecablemodem.com [216.202.162.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8B50943FAF for ; Mon, 11 Aug 2003 18:31:44 -0700 (PDT) (envelope-from fbsd@w88trigger.com) Received: from calculon.w88trigger.com (calculon.w88trigger.com [192.168.0.4]) by mkultra.w88trigger.com (Postfix) with ESMTP id 572DB20F51 for ; Mon, 11 Aug 2003 18:31:40 -0700 (PDT) From: fbsd@w88trigger.com To: security@freebsd.org Date: Mon, 11 Aug 2003 18:31:39 -0700 User-Agent: KMail/1.5.3 References: <20030811133749.U27196@fubar.adept.org> In-Reply-To: <20030811133749.U27196@fubar.adept.org> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200308111831.39910.fbsd@w88trigger.com> Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 01:31:49 -0000 Organizing a review of the FreeBSD code base will be a tedious, yet highly valuable endeavor. I have little spare time or money, but I would be willing to contribute what I can for such a worthy cause. I suspect that there are many others who feel this way, and therefore it may be feasible for the 3rd party conducting the review to be made up almost entirely of volunteers. I guess the big issue is how to get the process started. Need person(s) to organize reviews: It seems like a first step should be to find someone who can organize audits/reviews of the code base, and organize groups of reviewers. Bodies of code could then be assigned to individual volunteers or groups for review within some time frame. Results would be collected and organized and code fixes made and applied. No matter how the project is managed, I think the first action must be to identify some volunteers to run the code review project. Just an Idea: Perhaps such reviews could take the form of bug-hunting contests, where those who discover software defects or vulnerabilities are awarded some form of recognition (i.e., named on FreeBSD website), and/or some prize or trophy. This could actually be a really fun activity if presented in the right way. Conducting reviews in this manner may help attract more interest and reduce or eliminate any need to hire a professional organization to perform reviews. Of course there would have to be some rules like, people cannot review code they had any part in authoring. Any way to get organized reviews done will be a great benefit to the FreeBSD code base. I just want to see it happen and to help where I can. --ajg On Monday 11 August 2003 14:08, Mike Hoskins wrote: > First, I hope that this message is not considered flame bait. > As someone who has used FreeBSD for for 5+ years now, I have a > genuine interest in the integrity of our source code. > > Second, I hope that this message is not taken as any form of > insult or finger pointing. Software without bugs does not > exist, and I think we all know that. Acknowledging that point > and working to mitigate the risks associated with it would > seem to be our only real option. > > That said, every time something like the recent realpath(3) > issue comes to light, I find myself asking why I haven't at > least tried to do more to review our source code or (more > desirable) enable 3rd-party audits. > > My question is... If enabling a 3rd-party audit for some > target release (5.3+ I'd assume) is desirable, what would be > needed money-, time- and other-wise? I'm willing to invest > both time and money to make this happen. I'd expect such an > endeavor to be tedious and expensive... and, of course, it > would really need to be repeated occasionally to be of real > value. (Probably, at least, after major version number > changes.) However, perhaps doing an audit of the base system > now would help our image in the security community? > > All I know is, despite occasional arguments and rants, I like > FreeBSD. As long as it exists, I plan to have it installed... > So it is in my best interest to help in any way I can. I know > projects like secure/trustedBSD exist, but I am really looking > for ways to promote the trust of the base system more than > specialized projects/branches. > > Thoughts? > > -mrh > > -- > From: "Spam Catcher" > To: spam-catcher@adept.org > Do NOT send email to the address listed above or > you will be added to a blacklist! > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 00:06:22 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 964C737B401; Tue, 12 Aug 2003 00:06:22 -0700 (PDT) Received: from ns1.cksoft.de (ns1.cksoft.de [62.111.66.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id A337343F75; Tue, 12 Aug 2003 00:06:21 -0700 (PDT) (envelope-from ck-lists@cksoft.de) Received: from majakka.cksoft.de (p508A8215.dip0.t-ipconnect.de [80.138.130.21]) (using TLSv1 with cipher EDH-RSA-DES-CBC3-SHA (168/168 bits)) (No client certificate requested) by ns1.cksoft.de (Postfix) with ESMTP id 8DC9E15C00B; Tue, 12 Aug 2003 09:06:19 +0200 (CEST) Received: from majakka.cksoft.de (localhost [127.0.0.1]) by majakka.cksoft.de (Postfix) with ESMTP id 5107144C7E; Tue, 12 Aug 2003 09:06:18 +0200 (CEST) Received: by majakka.cksoft.de (Postfix, from userid 1000) id 7C45544C7C; Tue, 12 Aug 2003 09:06:17 +0200 (CEST) Received: from localhost (localhost [127.0.0.1]) by majakka.cksoft.de (Postfix) with ESMTP id 7547144ACB; Tue, 12 Aug 2003 09:06:17 +0200 (CEST) Date: Tue, 12 Aug 2003 09:06:17 +0200 (CEST) From: Christian Kratzer X-X-Sender: ck@majakka.cksoft.de To: questions@freebsd.org, security@freebsd.org Message-ID: <20030812090529.X11861@majakka.cksoft.de> X-Spammer-Kill-Ratio: 75% MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII X-Virus-Scanned: by AMaViS snapshot-20020300-cksoft-02bz on majakka.cksoft.de Subject: Re: dynamic IPSEC X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Christian Kratzer List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 07:06:22 -0000 Hi, On Mon, 11 Aug 2003, Kent Hauser wrote: > Hi Mike, > > Had any progress? I've also by stymied for a clean solution. Previously, I > used a simple SED script from executed from "/etc/ppp/ppp.linkup" to edit a > "setkeys" script which then negotiated with the office ascend router/gw & all > was VPN heaven. However, I now need to negotiate mobile(FreeBSD) to > static(FreeBSD) & that is proving problematic. Executing a SED script after > DHCP of mobile is easy, but it seems I also need to SED the static host's SPD > -- ie no wildcards allowed as in the ascend router situtation. Needless to > say, allowing "unauthenticated" hosts (read anyone) to modify the SPD on a > machine so that it can be authenticated strikes me as putting the cart before > the horse. > > When I install a "wildcard" host (0.0.0.0) on the static side, racoon only > negotiates the mobile->static SAD...which is useless & expires. Seems to me > that racoon needs to update kernel SPDs with wildcards to support mobile > VPNs. At least that's all I've been able to come up with. > > Have you found a silver bullet? Solution 1: the silver bullet to allow roaming clients with dynamic address to connect to your racoon is to have no policy at all defined for them and use an anonymous section your racoon.conf with generate_policy on; This way your clients connect and racoon sets up any policy they request. This is a bit ugly as you have to trust them not to screw up your policy but seems to be the only solution currently availale with racoon. You will also want to use certificates instead of preshared keys for authentication unless you are comfortable with having a single preshared key for all your roaming users. Solution 2: We have a setup where we have 3 offices each with dynamic ip's and freebsd boxes as their gateways. The boxes all run scripts to register their dynamic ip address at a colocated box with a static ip. The boxes also resolve each others ip addresses every 5 minutes and generate a new ipsec.conf and install it if it differs from the previous one. The system is now very stable and we have ispec tunnels between all 3 offices. If something changes they rewire themselves on the fly. Greetings Christian -- CK Software GmbH Christian Kratzer, Schwarzwaldstr. 31, 71131 Jettingen Email: ck@cksoft.de Phone: +49 7452 889-135 Open Software Solutions, Network Security Fax: +49 7452 889-136 FreeBSD spoken here! From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 01:24:33 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7A74C37B401 for ; Tue, 12 Aug 2003 01:24:33 -0700 (PDT) Received: from amsfep14-int.chello.nl (amsfep14-int.chello.nl [213.46.243.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4027043F3F for ; Tue, 12 Aug 2003 01:24:32 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep14-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812082430.QEVI15718.amsfep14-int.chello.nl@internal> for ; Tue, 12 Aug 2003 10:24:30 +0200 From: "Devon H. O'Dell" To: Date: Tue, 12 Aug 2003 10:24:16 +0200 Organization: SiteTronics Message-ID: <002301c360ab$1ec6b940$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <200308111831.39910.fbsd@w88trigger.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 08:24:33 -0000 I was reading an article on Slashdot recently about Linux just getting = some sort of security certification and asked the question "What about = FreeBSD?" I got the standard BSD trolls, but my comment was actually modded up to = a 3, Interesting, I believe. What sorts of security standards commissions are there, how much does getting "standards certified" cost, and where should we start?=20 I'm all for getting a website up to give out information on what we're trying to do and possibly collect donations, take comments, and set up discussions. I do have the time, resources, space and FreeBSD box ;) to = set this up. I'd like to get started with this ASAP; any other ideas? Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens fbsd@w88trigger.com > Verzonden: Tuesday, August 12, 2003 3:32 AM > Aan: security@freebsd.org > Onderwerp: Re: realpath(3) et al >=20 > Organizing a review of the FreeBSD code base will be a tedious, > yet highly valuable endeavor. I have little spare time or > money, but I would be willing to contribute what I can for such > a worthy cause. I suspect that there are many others who feel > this way, and therefore it may be feasible for the 3rd party > conducting the review to be made up almost entirely of > volunteers. I guess the big issue is how to get the process > started. >=20 > Need person(s) to organize reviews: > It seems like a first step should be to find someone who can > organize audits/reviews of the code base, and organize groups of > reviewers. Bodies of code could then be assigned to individual > volunteers or groups for review within some time frame. Results > would be collected and organized and code fixes made and > applied. No matter how the project is managed, I think the > first action must be to identify some volunteers to run the code > review project. >=20 > Just an Idea: > Perhaps such reviews could take the form of bug-hunting contests, > where those who discover software defects or vulnerabilities are > awarded some form of recognition (i.e., named on FreeBSD > website), and/or some prize or trophy. This could actually be a > really fun activity if presented in the right way. Conducting > reviews in this manner may help attract more interest and reduce > or eliminate any need to hire a professional organization to > perform reviews. Of course there would have to be some rules > like, people cannot review code they had any part in authoring. >=20 > Any way to get organized reviews done will be a great benefit to > the FreeBSD code base. I just want to see it happen and to help > where I can. >=20 > --ajg >=20 >=20 > On Monday 11 August 2003 14:08, Mike Hoskins wrote: > > First, I hope that this message is not considered flame bait. > > As someone who has used FreeBSD for for 5+ years now, I have a > > genuine interest in the integrity of our source code. > > > > Second, I hope that this message is not taken as any form of > > insult or finger pointing. Software without bugs does not > > exist, and I think we all know that. Acknowledging that point > > and working to mitigate the risks associated with it would > > seem to be our only real option. > > > > That said, every time something like the recent realpath(3) > > issue comes to light, I find myself asking why I haven't at > > least tried to do more to review our source code or (more > > desirable) enable 3rd-party audits. > > > > My question is... If enabling a 3rd-party audit for some > > target release (5.3+ I'd assume) is desirable, what would be > > needed money-, time- and other-wise? I'm willing to invest > > both time and money to make this happen. I'd expect such an > > endeavor to be tedious and expensive... and, of course, it > > would really need to be repeated occasionally to be of real > > value. (Probably, at least, after major version number > > changes.) However, perhaps doing an audit of the base system > > now would help our image in the security community? > > > > All I know is, despite occasional arguments and rants, I like > > FreeBSD. As long as it exists, I plan to have it installed... > > So it is in my best interest to help in any way I can. I know > > projects like secure/trustedBSD exist, but I am really looking > > for ways to promote the trust of the base system more than > > specialized projects/branches. > > > > Thoughts? > > > > -mrh > > > > -- > > From: "Spam Catcher" > > To: spam-catcher@adept.org > > Do NOT send email to the address listed above or > > you will be added to a blacklist! > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" >=20 > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 01:56:21 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6CF2037B401 for ; Tue, 12 Aug 2003 01:56:21 -0700 (PDT) Received: from arthur.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id B3B1343FA3 for ; Tue, 12 Aug 2003 01:56:20 -0700 (PDT) (envelope-from simon@arthur.nitro.dk) Received: by arthur.nitro.dk (Postfix, from userid 1000) id B226410BFA8; Tue, 12 Aug 2003 10:56:18 +0200 (CEST) Date: Tue, 12 Aug 2003 10:56:18 +0200 From: "Simon L. Nielsen" To: Mike Hoskins Message-ID: <20030812085617.GA407@FreeBSD.org> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> <20030811162602.N72549@fubar.adept.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="9amGYk9869ThD9tj" Content-Disposition: inline In-Reply-To: <20030811162602.N72549@fubar.adept.org> User-Agent: Mutt/1.5.4i cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 08:56:21 -0000 --9amGYk9869ThD9tj Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.08.11 16:34:40 -0700, Mike Hoskins wrote: > Wasn't there a page (maybe there still is...) showing sections of the base > system as 'assigned' to certain individuals, with contact info listed? I > think it was pretty stale for awhile, but maybe something similar could be > revived and maintained. If it already is, great! There is http://www.freebsd.org/auditors.html but it hasn't been updated for a very long time. BTW, if anybody really wants to start up the audit project again, I think somebody should take a look at integrating some of the changes OpenBSD has made. No reason to spend time finding the bugs OpenBSD has already fixed. --=20 Simon L. Nielsen FreeBSD Documentation Team --9amGYk9869ThD9tj Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/OKuxh9pcDSc1mlERAqcnAJ9LSUOz/Y/TFjinRJDdVi1mxdT/TwCfdTCz bSiCP2okGRNKfXfEouaWlXw= =+h/4 -----END PGP SIGNATURE----- --9amGYk9869ThD9tj-- From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 02:02:33 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5B81537B401 for ; Tue, 12 Aug 2003 02:02:33 -0700 (PDT) Received: from amsfep12-int.chello.nl (amsfep12-int.chello.nl [213.46.243.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id E3EFE43FB1 for ; Tue, 12 Aug 2003 02:02:31 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep12-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812090230.OFFQ1274.amsfep12-int.chello.nl@internal> for ; Tue, 12 Aug 2003 11:02:30 +0200 From: "Devon H. O'Dell" To: Date: Tue, 12 Aug 2003 11:02:16 +0200 Organization: SiteTronics Message-ID: <003501c360b0$6dad9970$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812085617.GA407@FreeBSD.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 09:02:33 -0000 Is there a list of these bugs available anywhere? If not, what software = is recommended to import, keep track of, and document these bugs? Features such as a protected stack should, IMO, be implemented as soon = as possible to keep FreeBSD heads-afloat right now in the security = sense.... OpenBSD has implemented this already and there are many patches for = Linux to do the same... why don't we go ahead and shove some of this code into = CVS? Should I go ahead and start this up? If so, what are some ideas of = things I might like to put on it? Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Simon L. Nielsen > Verzonden: Tuesday, August 12, 2003 10:56 AM > Aan: Mike Hoskins > CC: security@freebsd.org > Onderwerp: Re: realpath(3) et al >=20 > On 2003.08.11 16:34:40 -0700, Mike Hoskins wrote: >=20 > > Wasn't there a page (maybe there still is...) showing sections of = the > base > > system as 'assigned' to certain individuals, with contact info = listed? > I > > think it was pretty stale for awhile, but maybe something similar = could > be > > revived and maintained. If it already is, great! >=20 > There is http://www.freebsd.org/auditors.html but it hasn't been = updated > for > a very long time. >=20 > BTW, if anybody really wants to start up the audit project again, I > think somebody should take a look at integrating some of the changes > OpenBSD has made. No reason to spend time finding the bugs OpenBSD = has > already fixed. >=20 > -- > Simon L. Nielsen > FreeBSD Documentation Team From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 04:15:39 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B747037B401 for ; Tue, 12 Aug 2003 04:15:39 -0700 (PDT) Received: from cirb503493.alcatel.com.au (c211-28-27-130.belrs2.nsw.optusnet.com.au [211.28.27.130]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8039C43F3F for ; Tue, 12 Aug 2003 04:15:31 -0700 (PDT) (envelope-from PeterJeremy@optushome.com.au) Received: from cirb503493.alcatel.com.au (localhost.alcatel.com.au [127.0.0.1])h7CBFRgh066983; Tue, 12 Aug 2003 21:15:27 +1000 (EST) (envelope-from jeremyp@cirb503493.alcatel.com.au) Received: (from jeremyp@localhost) by cirb503493.alcatel.com.au (8.12.8/8.12.8/Submit) id h7CBFNX5066982; Tue, 12 Aug 2003 21:15:23 +1000 (EST) Date: Tue, 12 Aug 2003 21:15:23 +1000 From: Peter Jeremy To: "Devon H. O'Dell" Message-ID: <20030812111522.GA66788@cirb503493.alcatel.com.au> References: <20030812085617.GA407@FreeBSD.org> <003501c360b0$6dad9970$9f8d2ed5@internal> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <003501c360b0$6dad9970$9f8d2ed5@internal> User-Agent: Mutt/1.4.1i cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 11:15:40 -0000 On Tue, Aug 12, 2003 at 11:02:16AM +0200, Devon H. O'Dell wrote: >Features such as a protected stack should, IMO, be implemented as soon as >possible to keep FreeBSD heads-afloat right now in the security sense.... >OpenBSD has implemented this already and there are many patches for Linux to >do the same... why don't we go ahead and shove some of this code into CVS? By "protected" I presume you mean "non-executable". Whilst making the stack non-executable is trivial, making the system still work isn't. I believe the FreeBSD signal handling still relies on a signal trampoline on the stack. Some ports also expect an executable stack (most commonly lisp implementations). Some years ago, I tried implementing a non-executable stack on a Solaris box. Interleaf promptly stopped working so I had to undo the change. Peter From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 04:21:37 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B92B637B401 for ; Tue, 12 Aug 2003 04:21:37 -0700 (PDT) Received: from amsfep13-int.chello.nl (amsfep13-int.chello.nl [213.46.243.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id 55ED543F75 for ; Tue, 12 Aug 2003 04:21:36 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep13-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812112133.DZRP16676.amsfep13-int.chello.nl@internal>; Tue, 12 Aug 2003 13:21:33 +0200 From: "Devon H. O'Dell" To: "'Peter Jeremy'" Date: Tue, 12 Aug 2003 13:21:11 +0200 Organization: SiteTronics Message-ID: <004001c360c3$da6cf9d0$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812111522.GA66788@cirb503493.alcatel.com.au> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 11:21:38 -0000 It, would though, be trivial to implement this with a #define based upon = the kernel configuration, would it not? Protecting against stack smashing is quite important; I think many hosting environments not using LISP or = other executable-stack-reliant packages would benefit from this. By negating = the ability to execute injected code through a buffer overflow, security is highly increased. By implementing it as a kernel configuration option, I don't think we would lose out at all. Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Peter Jeremy > Verzonden: Tuesday, August 12, 2003 1:15 PM > Aan: Devon H. O'Dell > CC: security@freebsd.org > Onderwerp: Re: realpath(3) et al >=20 > On Tue, Aug 12, 2003 at 11:02:16AM +0200, Devon H. O'Dell wrote: > >Features such as a protected stack should, IMO, be implemented as = soon as > >possible to keep FreeBSD heads-afloat right now in the security = sense.... > >OpenBSD has implemented this already and there are many patches for = Linux > to > >do the same... why don't we go ahead and shove some of this code into CVS? >=20 > By "protected" I presume you mean "non-executable". Whilst making the > stack non-executable is trivial, making the system still work isn't. > I believe the FreeBSD signal handling still relies on a signal > trampoline on the stack. Some ports also expect an executable stack > (most commonly lisp implementations). >=20 > Some years ago, I tried implementing a non-executable stack on a > Solaris box. Interleaf promptly stopped working so I had to undo the > change. >=20 > Peter > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 04:25:08 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 01B5537B405 for ; Tue, 12 Aug 2003 04:25:07 -0700 (PDT) Received: from amsfep14-int.chello.nl (amsfep14-int.chello.nl [213.46.243.22]) by mx1.FreeBSD.org (Postfix) with ESMTP id 61EA343FBD for ; Tue, 12 Aug 2003 04:25:06 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep14-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812112505.UATM15718.amsfep14-int.chello.nl@internal> for ; Tue, 12 Aug 2003 13:25:05 +0200 From: "Devon H. O'Dell" To: Date: Tue, 12 Aug 2003 13:24:50 +0200 Organization: SiteTronics Message-ID: <004101c360c4$58689010$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <004001c360c3$da6cf9d0$9f8d2ed5@internal> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 11:25:08 -0000 Sorry for not including this in the last message to the newsletter; = isn't it also then high time to fix up the signal handling in FreeBSD if this = *is* the case? Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Devon H. O'Dell > Verzonden: Tuesday, August 12, 2003 1:21 PM > Aan: 'Peter Jeremy' > CC: security@freebsd.org > Onderwerp: RE: realpath(3) et al >=20 > It, would though, be trivial to implement this with a #define based = upon > the > kernel configuration, would it not? Protecting against stack smashing = is > quite important; I think many hosting environments not using LISP or = other > executable-stack-reliant packages would benefit from this. By negating = the > ability to execute injected code through a buffer overflow, security = is > highly increased. By implementing it as a kernel configuration option, = I > don't think we would lose out at all. >=20 > Kind regards, >=20 > Devon H. O'Dell > Systems and Network Engineer > Simpli, Inc. Web Hosting > http://www.simpli.biz >=20 > > -----Oorspronkelijk bericht----- > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > security@freebsd.org] Namens Peter Jeremy > > Verzonden: Tuesday, August 12, 2003 1:15 PM > > Aan: Devon H. O'Dell > > CC: security@freebsd.org > > Onderwerp: Re: realpath(3) et al > > > > On Tue, Aug 12, 2003 at 11:02:16AM +0200, Devon H. O'Dell wrote: > > >Features such as a protected stack should, IMO, be implemented as = soon > as > > >possible to keep FreeBSD heads-afloat right now in the security > sense.... > > >OpenBSD has implemented this already and there are many patches for > Linux > > to > > >do the same... why don't we go ahead and shove some of this code = into > CVS? > > > > By "protected" I presume you mean "non-executable". Whilst making = the > > stack non-executable is trivial, making the system still work isn't. > > I believe the FreeBSD signal handling still relies on a signal > > trampoline on the stack. Some ports also expect an executable stack > > (most commonly lisp implementations). > > > > Some years ago, I tried implementing a non-executable stack on a > > Solaris box. Interleaf promptly stopped working so I had to undo = the > > change. > > > > Peter > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security- > > unsubscribe@freebsd.org" >=20 > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 04:31:51 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1927737B401 for ; Tue, 12 Aug 2003 04:31:51 -0700 (PDT) Received: from arthur.nitro.dk (port324.ds1-khk.adsl.cybercity.dk [212.242.113.79]) by mx1.FreeBSD.org (Postfix) with ESMTP id 702D943FAF for ; Tue, 12 Aug 2003 04:31:50 -0700 (PDT) (envelope-from simon@arthur.nitro.dk) Received: by arthur.nitro.dk (Postfix, from userid 1000) id 31AD610BFA8; Tue, 12 Aug 2003 13:31:49 +0200 (CEST) Date: Tue, 12 Aug 2003 13:31:49 +0200 From: "Simon L. Nielsen" To: "Devon H. O'Dell" Message-ID: <20030812113147.GA1022@FreeBSD.org> References: <20030812085617.GA407@FreeBSD.org> <003501c360b0$6dad9970$9f8d2ed5@internal> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="0OAP2g/MAC+5xKAE" Content-Disposition: inline In-Reply-To: <003501c360b0$6dad9970$9f8d2ed5@internal> User-Agent: Mutt/1.5.4i cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 11:31:51 -0000 --0OAP2g/MAC+5xKAE Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2003.08.12 11:02:16 +0200, Devon H. O'Dell wrote: > Is there a list of these bugs available anywhere? If not, what software is > recommended to import, keep track of, and document these bugs? The audit fixes from OpenBSD? I have no idea if they keep track of them in some special way, but I think that integrating whem will require a lot of looking at CVS commit logs and comparing code. > Features such as a protected stack should, IMO, be implemented as soon as > possible to keep FreeBSD heads-afloat right now in the security sense.... > OpenBSD has implemented this already and there are many patches for Linux= to > do the same... why don't we go ahead and shove some of this code into CVS? This is a different issue which I don't think should be mixed with general auditing, since it's far from a trivial change to support this (at least so I heard - I haven't looked into it, and I have no plans to do so). --=20 Simon L. Nielsen FreeBSD Documentation Team --0OAP2g/MAC+5xKAE Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/ONAjh9pcDSc1mlERAlaYAKCHrsnC6u3GGlspYJJIOoL6hyGUaACfQ97j zPPjx0qw2INamMeTOKDmeYk= =cBiW -----END PGP SIGNATURE----- --0OAP2g/MAC+5xKAE-- From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 04:40:16 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6371737B404 for ; Tue, 12 Aug 2003 04:40:16 -0700 (PDT) Received: from dfmm.org (walter.dfmm.org [209.151.233.240]) by mx1.FreeBSD.org (Postfix) with ESMTP id BB2F543FB1 for ; Tue, 12 Aug 2003 04:40:11 -0700 (PDT) (envelope-from freebsd-security@dfmm.org) Received: (qmail 97188 invoked by uid 1000); 12 Aug 2003 11:40:11 -0000 Received: from localhost (sendmail-bs@127.0.0.1) by localhost with SMTP; 12 Aug 2003 11:40:11 -0000 Date: Tue, 12 Aug 2003 04:40:11 -0700 (PDT) From: Jason Stone X-X-Sender: jason@walter To: security@freebsd.org In-Reply-To: <004001c360c3$da6cf9d0$9f8d2ed5@internal> Message-ID: <20030812042912.V3417@walter> References: <004001c360c3$da6cf9d0$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 11:40:16 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 > Protecting against stack smashing is quite important; I think many > hosting environments not using LISP or other executable-stack-reliant > packages would benefit from this. By negating the ability to execute > injected code through a buffer overflow, security is highly increased. I think that this topic has come up before on the list - please check the archives before you get into it again. I think that the consensus has been something along the lines of, it would be nice, _but_: 1) It requires ugly tricks to implement on i386; 2) It does not canonically stop the exploitation of buffer overruns - yes, it stops the current attacks, but the underlying problem that an attacker can change the flow of program execution remains; 3) It would break a whole bunch of stuff. -Jason -------------------------------------------------------------------------- Freud himself was a bit of a cold fish, and one cannot avoid the suspicion that he was insufficiently fondled when he was an infant. -- Ashley Montagu -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (FreeBSD) Comment: See https://private.idealab.com/public/jason/jason.gpg iD8DBQE/ONIbswXMWWtptckRAmeWAKCR0+gKO1TeBncCaIzGaz0OuIaEnwCgpe7u o6iRC44JMJe86lhPj7CqdEg= =ijiO -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 04:41:30 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BC85337B401; Tue, 12 Aug 2003 04:41:30 -0700 (PDT) Received: from amsfep15-int.chello.nl (amsfep15-int.chello.nl [213.46.243.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6B19843F3F; Tue, 12 Aug 2003 04:41:29 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep15-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812114128.QJEK23618.amsfep15-int.chello.nl@internal>; Tue, 12 Aug 2003 13:41:28 +0200 From: "Devon H. O'Dell" To: "'Simon L. Nielsen'" Date: Tue, 12 Aug 2003 13:41:13 +0200 Organization: SiteTronics Message-ID: <005901c360c6$a257a5b0$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812113147.GA1022@FreeBSD.org> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 11:41:31 -0000 > The audit fixes from OpenBSD? I have no idea if they keep track of them > in some special way, but I think that integrating whem will require a > lot of looking at CVS commit logs and comparing code. Well I'll see if I can take a look at what they've been doing... I don't follow their project very much (is there someone here who does?) > This is a different issue which I don't think should be mixed with > general auditing, since it's far from a trivial change to support this > (at least so I heard - I haven't looked into it, and I have no plans to > do so). Yes, it is a very different issue than general security auditing, but will greatly increase the stability and security of FreeBSD. AFAIK there are already patches for this for FreeBSD 4.8-REL. However, it is also one that will boost the image of FreeBSD as well as make it more accepted by third-party auditors (who I'd also like to see audit FreeBSD). I would be more than willing to contribute time and energy into seeing this happen -- it only improves security (and the image of FreeBSD) :). Additionally (and somewhat unrelated), Linux was recently audited and given the status "very secure". I'd like to see this done for FreeBSD; some official security "standards" audits would only do good, and I'd be willing to contribute to any project attempting to do so. Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -- > Simon L. Nielsen > FreeBSD Documentation Team From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 05:00:09 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7793837B405 for ; Tue, 12 Aug 2003 05:00:09 -0700 (PDT) Received: from amsfep12-int.chello.nl (amsfep12-int.chello.nl [213.46.243.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id B153843F3F for ; Tue, 12 Aug 2003 05:00:07 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep12-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812120006.SBWX1274.amsfep12-int.chello.nl@internal>; Tue, 12 Aug 2003 14:00:06 +0200 From: "Devon H. O'Dell" To: "'Jason Stone'" , Date: Tue, 12 Aug 2003 13:59:51 +0200 Organization: SiteTronics Message-ID: <006601c360c9$3c9cfc40$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812042912.V3417@walter> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 12:00:09 -0000 In any case, IBM has a stack smashing protection patch for GCC 3.3 on FreeBSD 4.8 available at http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html (the description page is at http://www.trl.ibm.com/projects/security/ssp/). = It currently works in the latest cvsupped source from 5.1 as well (I've = built and tested it). Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Jason Stone > Verzonden: Tuesday, August 12, 2003 1:40 PM > Aan: security@freebsd.org > Onderwerp: RE: realpath(3) et al >=20 > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 >=20 >=20 > > Protecting against stack smashing is quite important; I think many > > hosting environments not using LISP or other = executable-stack-reliant > > packages would benefit from this. By negating the ability to execute > > injected code through a buffer overflow, security is highly = increased. >=20 > I think that this topic has come up before on the list - please check = the > archives before you get into it again. >=20 > I think that the consensus has been something along the lines of, it = would > be nice, _but_: >=20 > 1) It requires ugly tricks to implement on i386; > 2) It does not canonically stop the exploitation of buffer overruns - > yes, it stops the current attacks, but the underlying problem that = an > attacker can change the flow of program execution remains; > 3) It would break a whole bunch of stuff. >=20 >=20 > -Jason >=20 > = -------------------------------------------------------------------------= > - > Freud himself was a bit of a cold fish, and one cannot avoid the > suspicion > that he was insufficiently fondled when he was an infant. > -- Ashley Montagu > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (FreeBSD) > Comment: See https://private.idealab.com/public/jason/jason.gpg >=20 > iD8DBQE/ONIbswXMWWtptckRAmeWAKCR0+gKO1TeBncCaIzGaz0OuIaEnwCgpe7u > o6iRC44JMJe86lhPj7CqdEg=3D > =3DijiO > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 05:59:43 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 7C45137B401; Tue, 12 Aug 2003 05:59:43 -0700 (PDT) Received: from mail-pm.star.spb.ru (mail-pm.star.spb.ru [217.195.82.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0B20A43F85; Tue, 12 Aug 2003 05:59:41 -0700 (PDT) (envelope-from nkritsky@internethelp.ru) Received: from pink.star.spb.ru ([217.195.82.10]) by mail-pm.star.spb.ru (8.12.9/8.12.8) with ESMTP id h7CCxWPW080982; Tue, 12 Aug 2003 16:59:32 +0400 (MSD) Received: from IBMKA ([217.195.82.7]) by pink.star.spb.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id PQJDY1Q2; Tue, 12 Aug 2003 16:59:32 +0400 Date: Tue, 12 Aug 2003 17:00:00 +0400 From: "Nickolay A. Kritsky" X-Mailer: The Bat! (v1.49) Personal X-Priority: 3 (Normal) Message-ID: <159327446162.20030812170000@internethelp.ru> To: "Jacques A. Vidrine" In-reply-To: <20030811232132.GB46629@madman.celabo.org> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: security@freebsd.org Subject: Re[2]: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Nickolay A. Kritsky" List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 12:59:43 -0000 Hello Jacques, Tuesday, August 12, 2003, 3:21:32 AM, you wrote: >> My question is... If enabling a 3rd-party audit for some target release >> (5.3+ I'd assume) is desirable, what would be needed money-, time- and >> other-wise? JAV> People need to read code, that's all. You can share your code reading JAV> insights at freebsd-audit@freebsd.org, or if you believe it is JAV> sensitive, with security-team@freebsd.org. JAV> We _do_ already audit code, you know. FreeBSD-SA-03:09.signal was a JAV> result of my auditing, FreeBSD-SA-03:10.ibcs2 was a result of David's JAV> auditing. Also, many commits that are just `cleanup' are the result JAV> of a kind of `auditing'. JAV> What we perhaps lack is coordination. This is not easy in a volunteer JAV> environment, but perhaps something as simple as a `scoreboard' with JAV> `these files being audited/have been audited by whatsmyname' would be JAV> an improvement. On the other hand, in my experience, people are quick JAV> to volunteer and slow to follow up --- usually disappearing. :-( Of JAV> course, those that do follow up often become committers themselves :-) Some time ago I have seen problem reports database on FreeBSD's website. Why don't use it for audit tracking? You can add 'audit' class, or maybe some 'audit-*' categories? Did you thought about this? ;------------------------------------------- ; NKritsky ; mailto:nkritsky@internethelp.ru From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 07:38:25 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4FDF937B404 for ; Tue, 12 Aug 2003 07:38:25 -0700 (PDT) Received: from odin.ac.hmc.edu (Odin.AC.HMC.Edu [134.173.32.75]) by mx1.FreeBSD.org (Postfix) with ESMTP id BA86743F85 for ; Tue, 12 Aug 2003 07:38:24 -0700 (PDT) (envelope-from brdavis@odin.ac.hmc.edu) Received: from odin.ac.hmc.edu (IDENT:brdavis@localhost.localdomain [127.0.0.1]) by odin.ac.hmc.edu (8.12.9/8.12.3) with ESMTP id h7CEcM7c009028; Tue, 12 Aug 2003 07:38:22 -0700 Received: (from brdavis@localhost) by odin.ac.hmc.edu (8.12.9/8.12.3/Submit) id h7CEcMHb009027; Tue, 12 Aug 2003 07:38:22 -0700 Date: Tue, 12 Aug 2003 07:38:22 -0700 From: Brooks Davis To: "Devon H. O'Dell" Message-ID: <20030812143822.GB7750@Odin.AC.HMC.Edu> References: <200308111831.39910.fbsd@w88trigger.com> <002301c360ab$1ec6b940$9f8d2ed5@internal> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="5/uDoXvLw7AC5HRs" Content-Disposition: inline In-Reply-To: <002301c360ab$1ec6b940$9f8d2ed5@internal> User-Agent: Mutt/1.5.4i X-Virus-Scanned: by amavisd-milter (http://amavis.org/) on odin.ac.hmc.edu cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 14:38:25 -0000 --5/uDoXvLw7AC5HRs Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > What sorts of security standards commissions are there, how much does > getting "standards certified" cost, and where should we start?=20 I think the ballpark number I heard for a minimal certification under Common Criteria was $1.5m. -- Brooks --5/uDoXvLw7AC5HRs Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.1 (GNU/Linux) iD8DBQE/OPvdXY6L6fI4GtQRAseiAKDISf+VRWUbuGNLU8Bv3NdZpwVxZgCeIKSn Zbnd69YtBPF7Hz3G3IwvQ8g= =7Ktw -----END PGP SIGNATURE----- --5/uDoXvLw7AC5HRs-- From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 07:41:59 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2427537B401 for ; Tue, 12 Aug 2003 07:41:59 -0700 (PDT) Received: from amsfep12-int.chello.nl (amsfep12-int.chello.nl [213.46.243.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id C4E3543F93 for ; Tue, 12 Aug 2003 07:41:57 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep12-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812144156.VPZB1274.amsfep12-int.chello.nl@internal>; Tue, 12 Aug 2003 16:41:56 +0200 From: "Devon H. O'Dell" To: "'Brooks Davis'" Date: Tue, 12 Aug 2003 16:41:32 +0200 Organization: SiteTronics Message-ID: <009d01c360df$d2afb590$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812143822.GB7750@Odin.AC.HMC.Edu> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 14:41:59 -0000 Okay, so where do we begin with taking contributions? Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Brooks Davis > Verzonden: Tuesday, August 12, 2003 4:38 PM > Aan: Devon H. O'Dell > CC: security@freebsd.org > Onderwerp: Re: realpath(3) et al > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > What sorts of security standards commissions are there, how much does > > getting "standards certified" cost, and where should we start? > > I think the ballpark number I heard for a minimal certification under > Common Criteria was $1.5m. > > -- Brooks From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 08:21:38 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E956037B40C for ; Tue, 12 Aug 2003 08:21:38 -0700 (PDT) Received: from mail.redstarnetworks.net (www.redstarnetworks.net [216.240.150.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 44AB243F75 for ; Tue, 12 Aug 2003 08:21:28 -0700 (PDT) (envelope-from chris@redstarnetworks.net) Received: (qmail 80379 invoked by uid 85); 12 Aug 2003 15:18:18 -0000 Received: from chris@redstarnetworks.net by colowww.redstarnetworks.net by uid 0 with qmail-scanner-1.16 (clamscan: 0.54. spamassassin: 2.50. Clear:. Processed in 0.678049 secs); 12 Aug 2003 15:18:18 -0000 Received: from unknown (HELO delllaptop) (208.57.57.9) by mail.redstarnetworks.net with SMTP; 12 Aug 2003 15:18:17 -0000 From: "Chris Odell" To: "'Devon H. O'Dell'" Date: Tue, 12 Aug 2003 08:15:41 -0700 Organization: Red Star Networks, INC Message-ID: <000201c360e4$9a450390$0304a8c0@delllaptop> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 In-Reply-To: <009d01c360df$d2afb590$9f8d2ed5@internal> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: chris@redstarnetworks.net List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 15:21:39 -0000 Corporations - INTERNET Companies... If you look at the big picture, having a O.S. that has been audited for issues would actually be cost effective for them. Having to patch a machine that is in service causes downtime. Lets see - Each machine takes ten (10) minutes of human work to drop into single user mode and install new binaries/kernels The company has one thousand (1000) machines That comes to ten thousand (10000) minutes, broken down to hours - 167 Hours The average admin say is making forty five (45) dollars a hour - over $7000.00 - not including taxes paid by employer. So if one hundred fifty companies donated one thousand dollars (1000) it would save them downtime, payroll, and taxes. Just a rough estimate and my 2 cents Chris Odell chris@redstarnetworks.net -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. O'Dell Sent: Tuesday, August 12, 2003 7:42 AM To: 'Brooks Davis' Cc: security@freebsd.org Subject: RE: realpath(3) et al Okay, so where do we begin with taking contributions? Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Brooks Davis > Verzonden: Tuesday, August 12, 2003 4:38 PM > Aan: Devon H. O'Dell > CC: security@freebsd.org > Onderwerp: Re: realpath(3) et al > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > What sorts of security standards commissions are there, how much > > does getting "standards certified" cost, and where should we start? > > I think the ballpark number I heard for a minimal certification under > Common Criteria was $1.5m. > > -- Brooks _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 08:31:21 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 25EE537B42B for ; Tue, 12 Aug 2003 08:31:21 -0700 (PDT) Received: from amsfep11-int.chello.nl (amsfep11-int.chello.nl [213.46.243.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 448D143FE9 for ; Tue, 12 Aug 2003 08:31:11 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep11-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812153110.VEFE11121.amsfep11-int.chello.nl@internal>; Tue, 12 Aug 2003 17:31:10 +0200 From: "Devon H. O'Dell" To: Date: Tue, 12 Aug 2003 17:30:44 +0200 Organization: SiteTronics Message-ID: <00bc01c360e6$b2ac0b70$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <000201c360e4$9a450390$0304a8c0@delllaptop> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 15:31:22 -0000 Well, not only would it save companies money, but it would be beneficial = for FreeBSD and system administrators as well. I know several administrators = who are forced to work with Linux because it is "certified" and "more widely supported" than "any of the BSDs". This is, of course, absolute crap, = but without any audit certifications, companies are less likely to even take = a peek into what FreeBSD can offer. I'd personally be willing to contribute a bit of money (probably even = more as I come to have it). However, I do not feel comfortable donating this money saying, "Here's $150, use it for a certification." and then = needing not knowing if/when others will be doing the same. There needs to be an initiative from the FreeBSD group to get this started -- people need to = be able to click a button on the front page of freebsd.org and be able to donate as much money as they want (or find out where to send a check). In any case, 150 companies donating $1,000 would only cover 10% of the = money needed for this certification. I don't know how many companies are using FreeBSD nor do I know their interests in helping with the evolution of FreeBSD; I would guess, however, that there are enough companies and = private parties who would be able to fund this type of project. It would be beneficial to them (as you've just proven) and to the project overall. Should I propose this on freebsd-audit? Is there any way I can help = other than via a monetary contribution? I'd like to do both. Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Chris Odell > Verzonden: Tuesday, August 12, 2003 5:16 PM > Aan: 'Devon H. O'Dell' > CC: security@freebsd.org > Onderwerp: RE: realpath(3) et al >=20 >=20 > Corporations - INTERNET Companies... >=20 > If you look at the big picture, having a O.S. that has been audited > for issues would actually be cost effective for them. Having to patch = a > machine that is in service causes downtime. >=20 > Lets see - >=20 > Each machine takes ten (10) minutes of human work to drop into = single > user mode and install new binaries/kernels >=20 > The company has one thousand (1000) machines >=20 > That comes to ten thousand (10000) minutes, broken down to hours - = 167 > Hours >=20 > The average admin say is making forty five (45) dollars a hour - = over > $7000.00 - not including taxes paid by employer. >=20 > So if one hundred fifty companies donated one thousand dollars = (1000) > it would save them downtime, payroll, and taxes. >=20 > Just a rough estimate and my 2 cents >=20 >=20 > Chris Odell > chris@redstarnetworks.net >=20 >=20 > -----Original Message----- > From: owner-freebsd-security@freebsd.org > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. = O'Dell > Sent: Tuesday, August 12, 2003 7:42 AM > To: 'Brooks Davis' > Cc: security@freebsd.org > Subject: RE: realpath(3) et al >=20 >=20 > Okay, so where do we begin with taking contributions? >=20 > Devon >=20 > > -----Oorspronkelijk bericht----- > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > security@freebsd.org] Namens Brooks Davis > > Verzonden: Tuesday, August 12, 2003 4:38 PM > > Aan: Devon H. O'Dell > > CC: security@freebsd.org > > Onderwerp: Re: realpath(3) et al > > > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > > What sorts of security standards commissions are there, how much > > > does getting "standards certified" cost, and where should we = start? > > > > I think the ballpark number I heard for a minimal certification = under > > Common Criteria was $1.5m. > > > > -- Brooks >=20 > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" >=20 > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 08:36:02 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DDC1237B401 for ; Tue, 12 Aug 2003 08:36:02 -0700 (PDT) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id D31E543FBF for ; Tue, 12 Aug 2003 08:36:01 -0700 (PDT) (envelope-from anderson@centtech.com) Received: from centtech.com (dhcp-181.centtech.com [204.177.173.181]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id h7CFa056022110; Tue, 12 Aug 2003 10:36:01 -0500 (CDT) (envelope-from anderson@centtech.com) Message-ID: <3F390945.8060509@centtech.com> Date: Tue, 12 Aug 2003 10:35:33 -0500 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; Linux i386; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 X-Accept-Language: en-us, en MIME-Version: 1.0 To: chris@redstarnetworks.net References: <000201c360e4$9a450390$0304a8c0@delllaptop> In-Reply-To: <000201c360e4$9a450390$0304a8c0@delllaptop> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: "'Devon H. O'Dell'" cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 15:36:03 -0000 Chris Odell wrote: > > Corporations - INTERNET Companies... > > If you look at the big picture, having a O.S. that has been audited > for issues would actually be cost effective for them. Having to patch a > machine that is in service causes downtime. > > Lets see - > > Each machine takes ten (10) minutes of human work to drop into single > user mode and install new binaries/kernels > > The company has one thousand (1000) machines > > That comes to ten thousand (10000) minutes, broken down to hours - 167 > Hours > > The average admin say is making forty five (45) dollars a hour - over > $7000.00 - not including taxes paid by employer. > > So if one hundred fifty companies donated one thousand dollars (1000) > it would save them downtime, payroll, and taxes. > > Just a rough estimate and my 2 cents Unfortunately, you're assuming there are 150 companies with 1000 FreeBSD machines, that have an admin getting paid $90k/yr. I think you'd have better luck raising $50 from 3000 people to achieve that same amount of money, but still I believe it would be very hard. Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology Attitudes are contagious, is yours worth catching? ------------------------------------------------------------------ From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 11:17:22 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2930037B405 for ; Tue, 12 Aug 2003 11:17:22 -0700 (PDT) Received: from mail.redstarnetworks.net (www.redstarnetworks.net [216.240.150.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id AB6E643FAF for ; Tue, 12 Aug 2003 11:17:15 -0700 (PDT) (envelope-from chris@redstarnetworks.net) Received: (qmail 81464 invoked by uid 85); 12 Aug 2003 18:14:12 -0000 Received: from chris@redstarnetworks.net by colowww.redstarnetworks.net by uid 0 with qmail-scanner-1.16 (clamscan: 0.54. spamassassin: 2.50. Clear:. Processed in 0.677798 secs); 12 Aug 2003 18:14:12 -0000 Received: from unknown (HELO delllaptop) (208.57.57.9) by mail.redstarnetworks.net with SMTP; 12 Aug 2003 18:14:10 -0000 From: "Chris Odell" To: "'Eric Anderson'" , Date: Tue, 12 Aug 2003 11:11:25 -0700 Organization: Red Star Networks, INC Message-ID: <000f01c360fd$2bc3f200$0304a8c0@delllaptop> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 In-Reply-To: <3F390945.8060509@centtech.com> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Subject: Certification - realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: chris@redstarnetworks.net List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 18:17:22 -0000 I agree... I was just throwing that out there - it was not a researched statistic. But on the same note - There are plenty of carrier hotels that have far more then 1000 machines in service. As a matter of fact over the past year there have been plenty of houses that have made the switch to FreeBSD. Chris Odell -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Eric Anderson Sent: Tuesday, August 12, 2003 8:36 AM To: chris@redstarnetworks.net Cc: 'Devon H. O'Dell'; security@freebsd.org Subject: Re: realpath(3) et al Chris Odell wrote: > > Corporations - INTERNET Companies... > > If you look at the big picture, having a O.S. that has been audited > for issues would actually be cost effective for them. Having to patch > a machine that is in service causes downtime. > > Lets see - > > Each machine takes ten (10) minutes of human work to drop into single > user mode and install new binaries/kernels > > The company has one thousand (1000) machines > > That comes to ten thousand (10000) minutes, broken down to hours - > 167 Hours > > The average admin say is making forty five (45) dollars a hour - > over $7000.00 - not including taxes paid by employer. > > So if one hundred fifty companies donated one thousand dollars > (1000) it would save them downtime, payroll, and taxes. > > Just a rough estimate and my 2 cents Unfortunately, you're assuming there are 150 companies with 1000 FreeBSD machines, that have an admin getting paid $90k/yr. I think you'd have better luck raising $50 from 3000 people to achieve that same amount of money, but still I believe it would be very hard. Eric -- ------------------------------------------------------------------ Eric Anderson Systems Administrator Centaur Technology Attitudes are contagious, is yours worth catching? ------------------------------------------------------------------ _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 11:27:14 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4ADD237B401 for ; Tue, 12 Aug 2003 11:27:14 -0700 (PDT) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7870D43FBD for ; Tue, 12 Aug 2003 11:27:13 -0700 (PDT) (envelope-from mike@sentex.net) Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.12.9/8.12.8) with ESMTP id h7CIRB21080629; Tue, 12 Aug 2003 14:27:12 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.2.0.9.0.20030812142811.07fbbc58@209.112.4.2> X-Sender: mdtpop@209.112.4.2 (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Tue, 12 Aug 2003 14:29:24 -0400 To: "Devon H. O'Dell" From: Mike Tancsa In-Reply-To: <00bc01c360e6$b2ac0b70$9f8d2ed5@internal> References: <000201c360e4$9a450390$0304a8c0@delllaptop> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: By Sentex Communications (lava/20020517) cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 18:27:14 -0000 At 05:30 PM 12/08/2003 +0200, Devon H. O'Dell wrote: >not knowing if/when others will be doing the same. There needs to be an >initiative from the FreeBSD group to get this started -- people need to be >able to click a button on the front page of freebsd.org and be able to >donate as much money as they want (or find out where to send a check). There already is. http://www.freebsdfoundation.org/ >Should I propose this on freebsd-audit? This is more of an advocacy discussion now :-) ---Mike >Is there any way I can help other >than via a monetary contribution? I'd like to do both. > >Kind regards, > >Devon H. O'Dell >Systems and Network Engineer >Simpli, Inc. Web Hosting >http://www.simpli.biz > > > -----Oorspronkelijk bericht----- > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > security@freebsd.org] Namens Chris Odell > > Verzonden: Tuesday, August 12, 2003 5:16 PM > > Aan: 'Devon H. O'Dell' > > CC: security@freebsd.org > > Onderwerp: RE: realpath(3) et al > > > > > > Corporations - INTERNET Companies... > > > > If you look at the big picture, having a O.S. that has been audited > > for issues would actually be cost effective for them. Having to patch a > > machine that is in service causes downtime. > > > > Lets see - > > > > Each machine takes ten (10) minutes of human work to drop into single > > user mode and install new binaries/kernels > > > > The company has one thousand (1000) machines > > > > That comes to ten thousand (10000) minutes, broken down to hours - 167 > > Hours > > > > The average admin say is making forty five (45) dollars a hour - over > > $7000.00 - not including taxes paid by employer. > > > > So if one hundred fifty companies donated one thousand dollars (1000) > > it would save them downtime, payroll, and taxes. > > > > Just a rough estimate and my 2 cents > > > > > > Chris Odell > > chris@redstarnetworks.net > > > > > > -----Original Message----- > > From: owner-freebsd-security@freebsd.org > > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. O'Dell > > Sent: Tuesday, August 12, 2003 7:42 AM > > To: 'Brooks Davis' > > Cc: security@freebsd.org > > Subject: RE: realpath(3) et al > > > > > > Okay, so where do we begin with taking contributions? > > > > Devon > > > > > -----Oorspronkelijk bericht----- > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > security@freebsd.org] Namens Brooks Davis > > > Verzonden: Tuesday, August 12, 2003 4:38 PM > > > Aan: Devon H. O'Dell > > > CC: security@freebsd.org > > > Onderwerp: Re: realpath(3) et al > > > > > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > > > What sorts of security standards commissions are there, how much > > > > does getting "standards certified" cost, and where should we start? > > > > > > I think the ballpark number I heard for a minimal certification under > > > Common Criteria was $1.5m. > > > > > > -- Brooks > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security- > > unsubscribe@freebsd.org" > >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 11:29:45 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 86A0737B401 for ; Tue, 12 Aug 2003 11:29:45 -0700 (PDT) Received: from amsfep12-int.chello.nl (amsfep12-int.chello.nl [213.46.243.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 49FD643FDD for ; Tue, 12 Aug 2003 11:29:44 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep12-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812182942.CTX1274.amsfep12-int.chello.nl@internal>; Tue, 12 Aug 2003 20:29:42 +0200 From: "Devon H. O'Dell" To: "'Mike Tancsa'" Date: Tue, 12 Aug 2003 20:29:10 +0200 Organization: SiteTronics Message-ID: <00e501c360ff$9ffbc470$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <5.2.0.9.0.20030812142811.07fbbc58@209.112.4.2> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 18:29:45 -0000 Right, but without some particular initiative drive that the organization is trying to do such a thing, it's difficult to get others to follow in the footsteps. I'd happily be the first to donate to this cause, as long as I knew that others would be doing the same. I sure as hell-fire can't donate 1.5M. I can donate $150. Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Mike Tancsa > Verzonden: Tuesday, August 12, 2003 8:29 PM > Aan: Devon H. O'Dell > CC: security@freebsd.org > Onderwerp: RE: realpath(3) et al > > At 05:30 PM 12/08/2003 +0200, Devon H. O'Dell wrote: > >not knowing if/when others will be doing the same. There needs to be an > >initiative from the FreeBSD group to get this started -- people need to > be > >able to click a button on the front page of freebsd.org and be able to > >donate as much money as they want (or find out where to send a check). > > There already is. > http://www.freebsdfoundation.org/ > > > > >Should I propose this on freebsd-audit? > > This is more of an advocacy discussion now :-) > > ---Mike > > > >Is there any way I can help other > >than via a monetary contribution? I'd like to do both. > > > >Kind regards, > > > >Devon H. O'Dell > >Systems and Network Engineer > >Simpli, Inc. Web Hosting > >http://www.simpli.biz > > > > > -----Oorspronkelijk bericht----- > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > security@freebsd.org] Namens Chris Odell > > > Verzonden: Tuesday, August 12, 2003 5:16 PM > > > Aan: 'Devon H. O'Dell' > > > CC: security@freebsd.org > > > Onderwerp: RE: realpath(3) et al > > > > > > > > > Corporations - INTERNET Companies... > > > > > > If you look at the big picture, having a O.S. that has been audited > > > for issues would actually be cost effective for them. Having to patch > a > > > machine that is in service causes downtime. > > > > > > Lets see - > > > > > > Each machine takes ten (10) minutes of human work to drop into > single > > > user mode and install new binaries/kernels > > > > > > The company has one thousand (1000) machines > > > > > > That comes to ten thousand (10000) minutes, broken down to hours - > 167 > > > Hours > > > > > > The average admin say is making forty five (45) dollars a hour - > over > > > $7000.00 - not including taxes paid by employer. > > > > > > So if one hundred fifty companies donated one thousand dollars (1000) > > > it would save them downtime, payroll, and taxes. > > > > > > Just a rough estimate and my 2 cents > > > > > > > > > Chris Odell > > > chris@redstarnetworks.net > > > > > > > > > -----Original Message----- > > > From: owner-freebsd-security@freebsd.org > > > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. > O'Dell > > > Sent: Tuesday, August 12, 2003 7:42 AM > > > To: 'Brooks Davis' > > > Cc: security@freebsd.org > > > Subject: RE: realpath(3) et al > > > > > > > > > Okay, so where do we begin with taking contributions? > > > > > > Devon > > > > > > > -----Oorspronkelijk bericht----- > > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > > security@freebsd.org] Namens Brooks Davis > > > > Verzonden: Tuesday, August 12, 2003 4:38 PM > > > > Aan: Devon H. O'Dell > > > > CC: security@freebsd.org > > > > Onderwerp: Re: realpath(3) et al > > > > > > > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > > > > What sorts of security standards commissions are there, how much > > > > > does getting "standards certified" cost, and where should we start? > > > > > > > > I think the ballpark number I heard for a minimal certification > under > > > > Common Criteria was $1.5m. > > > > > > > > -- Brooks > > > > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to > > > "freebsd-security-unsubscribe@freebsd.org" > > > > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to "freebsd-security- > > > unsubscribe@freebsd.org" > > > >_______________________________________________ > >freebsd-security@freebsd.org mailing list > >http://lists.freebsd.org/mailman/listinfo/freebsd-security > >To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 11:32:16 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CEAC337B401 for ; Tue, 12 Aug 2003 11:32:16 -0700 (PDT) Received: from mail.redstarnetworks.net (www.redstarnetworks.net [216.240.150.218]) by mx1.FreeBSD.org (Postfix) with ESMTP id 03F1043FAF for ; Tue, 12 Aug 2003 11:32:16 -0700 (PDT) (envelope-from chris@redstarnetworks.net) Received: (qmail 81650 invoked by uid 85); 12 Aug 2003 18:29:12 -0000 Received: from chris@redstarnetworks.net by colowww.redstarnetworks.net by uid 0 with qmail-scanner-1.16 (clamscan: 0.54. spamassassin: 2.50. Clear:. Processed in 0.680479 secs); 12 Aug 2003 18:29:12 -0000 Received: from unknown (HELO delllaptop) (208.57.57.9) by mail.redstarnetworks.net with SMTP; 12 Aug 2003 18:29:11 -0000 From: "Chris Odell" To: Date: Tue, 12 Aug 2003 11:26:36 -0700 Organization: Red Star Networks, INC Message-ID: <001201c360ff$4458c0a0$0304a8c0@delllaptop> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 In-Reply-To: <006601c360c9$3c9cfc40$9f8d2ed5@internal> X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 Importance: Normal Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: chris@redstarnetworks.net List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 18:32:17 -0000 I would do the same - For Hosting providers this is actually a benefit for tax reasons - FreeBSD is a not for profit organization. Chris Odell -----Original Message----- From: owner-freebsd-security@freebsd.org [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. O'Dell Sent: Tuesday, August 12, 2003 5:00 AM To: 'Jason Stone'; security@freebsd.org Subject: RE: realpath(3) et al In any case, IBM has a stack smashing protection patch for GCC 3.3 on FreeBSD 4.8 available at http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html (the description page is at http://www.trl.ibm.com/projects/security/ssp/). It currently works in the latest cvsupped source from 5.1 as well (I've built and tested it). Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Jason Stone > Verzonden: Tuesday, August 12, 2003 1:40 PM > Aan: security@freebsd.org > Onderwerp: RE: realpath(3) et al > > -----BEGIN PGP SIGNED MESSAGE----- > Hash: SHA1 > > > > Protecting against stack smashing is quite important; I think many > > hosting environments not using LISP or other > > executable-stack-reliant packages would benefit from this. By > > negating the ability to execute injected code through a buffer > > overflow, security is highly increased. > > I think that this topic has come up before on the list - please check > the archives before you get into it again. > > I think that the consensus has been something along the lines of, it > would be nice, _but_: > > 1) It requires ugly tricks to implement on i386; > 2) It does not canonically stop the exploitation of buffer overruns - > yes, it stops the current attacks, but the underlying problem that an > attacker can change the flow of program execution remains; > 3) It would break a whole bunch of stuff. > > > -Jason > > > ------------------------------------------------------------------------ - > - > Freud himself was a bit of a cold fish, and one cannot avoid the > suspicion > that he was insufficiently fondled when he was an infant. > -- Ashley Montagu > -----BEGIN PGP SIGNATURE----- > Version: GnuPG v1.2.1 (FreeBSD) > Comment: See https://private.idealab.com/public/jason/jason.gpg > > iD8DBQE/ONIbswXMWWtptckRAmeWAKCR0+gKO1TeBncCaIzGaz0OuIaEnwCgpe7u > o6iRC44JMJe86lhPj7CqdEg= > =ijiO > -----END PGP SIGNATURE----- > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" _______________________________________________ freebsd-security@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-security To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 11:32:42 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 58B3837B404 for ; Tue, 12 Aug 2003 11:32:42 -0700 (PDT) Received: from lava.sentex.ca (pyroxene.sentex.ca [199.212.134.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5201343F93 for ; Tue, 12 Aug 2003 11:32:40 -0700 (PDT) (envelope-from mike@sentex.net) Received: from simian.sentex.net (simeon.sentex.ca [192.168.43.27]) by lava.sentex.ca (8.12.9/8.12.8) with ESMTP id h7CIWd21080647; Tue, 12 Aug 2003 14:32:39 -0400 (EDT) (envelope-from mike@sentex.net) Message-Id: <5.2.0.9.0.20030812143325.087525b8@209.112.4.2> X-Sender: mdtpop@209.112.4.2 (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Tue, 12 Aug 2003 14:34:51 -0400 To: "Devon H. O'Dell" From: Mike Tancsa In-Reply-To: <00e501c360ff$9ffbc470$9f8d2ed5@internal> References: <5.2.0.9.0.20030812142811.07fbbc58@209.112.4.2> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Virus-Scanned: By Sentex Communications (lava/20020517) cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 18:32:42 -0000 OK, I already have donated money and equipment and resources. I will do again in the very near future. Your turn :-) This really should be moved over to the advocacy list BTW ---Mike At 08:29 PM 12/08/2003 +0200, Devon H. O'Dell wrote: >Right, but without some particular initiative drive that the organization is >trying to do such a thing, it's difficult to get others to follow in the >footsteps. I'd happily be the first to donate to this cause, as long as I >knew that others would be doing the same. I sure as hell-fire can't donate >1.5M. I can donate $150. > >Devon > > > -----Oorspronkelijk bericht----- > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > security@freebsd.org] Namens Mike Tancsa > > Verzonden: Tuesday, August 12, 2003 8:29 PM > > Aan: Devon H. O'Dell > > CC: security@freebsd.org > > Onderwerp: RE: realpath(3) et al > > > > At 05:30 PM 12/08/2003 +0200, Devon H. O'Dell wrote: > > >not knowing if/when others will be doing the same. There needs to be an > > >initiative from the FreeBSD group to get this started -- people need to > > be > > >able to click a button on the front page of freebsd.org and be able to > > >donate as much money as they want (or find out where to send a check). > > > > There already is. > > http://www.freebsdfoundation.org/ > > > > > > > > >Should I propose this on freebsd-audit? > > > > This is more of an advocacy discussion now :-) > > > > ---Mike > > > > > > >Is there any way I can help other > > >than via a monetary contribution? I'd like to do both. > > > > > >Kind regards, > > > > > >Devon H. O'Dell > > >Systems and Network Engineer > > >Simpli, Inc. Web Hosting > > >http://www.simpli.biz > > > > > > > -----Oorspronkelijk bericht----- > > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > > security@freebsd.org] Namens Chris Odell > > > > Verzonden: Tuesday, August 12, 2003 5:16 PM > > > > Aan: 'Devon H. O'Dell' > > > > CC: security@freebsd.org > > > > Onderwerp: RE: realpath(3) et al > > > > > > > > > > > > Corporations - INTERNET Companies... > > > > > > > > If you look at the big picture, having a O.S. that has been audited > > > > for issues would actually be cost effective for them. Having to patch > > a > > > > machine that is in service causes downtime. > > > > > > > > Lets see - > > > > > > > > Each machine takes ten (10) minutes of human work to drop into > > single > > > > user mode and install new binaries/kernels > > > > > > > > The company has one thousand (1000) machines > > > > > > > > That comes to ten thousand (10000) minutes, broken down to hours - > > 167 > > > > Hours > > > > > > > > The average admin say is making forty five (45) dollars a hour - > > over > > > > $7000.00 - not including taxes paid by employer. > > > > > > > > So if one hundred fifty companies donated one thousand dollars >(1000) > > > > it would save them downtime, payroll, and taxes. > > > > > > > > Just a rough estimate and my 2 cents > > > > > > > > > > > > Chris Odell > > > > chris@redstarnetworks.net > > > > > > > > > > > > -----Original Message----- > > > > From: owner-freebsd-security@freebsd.org > > > > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. > > O'Dell > > > > Sent: Tuesday, August 12, 2003 7:42 AM > > > > To: 'Brooks Davis' > > > > Cc: security@freebsd.org > > > > Subject: RE: realpath(3) et al > > > > > > > > > > > > Okay, so where do we begin with taking contributions? > > > > > > > > Devon > > > > > > > > > -----Oorspronkelijk bericht----- > > > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > > > security@freebsd.org] Namens Brooks Davis > > > > > Verzonden: Tuesday, August 12, 2003 4:38 PM > > > > > Aan: Devon H. O'Dell > > > > > CC: security@freebsd.org > > > > > Onderwerp: Re: realpath(3) et al > > > > > > > > > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > > > > > What sorts of security standards commissions are there, how much > > > > > > does getting "standards certified" cost, and where should we >start? > > > > > > > > > > I think the ballpark number I heard for a minimal certification > > under > > > > > Common Criteria was $1.5m. > > > > > > > > > > -- Brooks > > > > > > > > _______________________________________________ > > > > freebsd-security@freebsd.org mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > > To unsubscribe, send any mail to > > > > "freebsd-security-unsubscribe@freebsd.org" > > > > > > > > _______________________________________________ > > > > freebsd-security@freebsd.org mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > > To unsubscribe, send any mail to "freebsd-security- > > > > unsubscribe@freebsd.org" > > > > > >_______________________________________________ > > >freebsd-security@freebsd.org mailing list > > >http://lists.freebsd.org/mailman/listinfo/freebsd-security > > >To unsubscribe, send any mail to "freebsd-security- > > unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security- > > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 12:57:36 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28D8537B401; Tue, 12 Aug 2003 12:57:36 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 685D243FA3; Tue, 12 Aug 2003 12:57:35 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id D59C65482B; Tue, 12 Aug 2003 14:57:34 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id 2CBDF6D461; Tue, 12 Aug 2003 14:57:31 -0500 (CDT) Date: Tue, 12 Aug 2003 14:57:31 -0500 From: "Jacques A. Vidrine" To: "Simon L. Nielsen" Message-ID: <20030812195731.GA51604@madman.celabo.org> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> <20030811162602.N72549@fubar.adept.org> <20030812085617.GA407@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030812085617.GA407@FreeBSD.org> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: security@freebsd.org Subject: auditing source code (was Re: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 19:57:36 -0000 On Tue, Aug 12, 2003 at 10:56:18AM +0200, Simon L. Nielsen wrote: > On 2003.08.11 16:34:40 -0700, Mike Hoskins wrote: > > > Wasn't there a page (maybe there still is...) showing sections of the base > > system as 'assigned' to certain individuals, with contact info listed? I > > think it was pretty stale for awhile, but maybe something similar could be > > revived and maintained. If it already is, great! > > There is http://www.freebsd.org/auditors.html I wasn't even aware of this page. :-) > but it hasn't been updated for > a very long time. ``a very long time'' > 4 years, apparently. Ugh, unfortunately this underlines too well that organizing an effort won't make it happen ... people actually still need to do the hard work. Having said that, perhaps we should give this one more chance. I will think about resurrecting this. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 12:59:47 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D289137B401; Tue, 12 Aug 2003 12:59:47 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14C2343FA3; Tue, 12 Aug 2003 12:59:47 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 9109B5482B; Tue, 12 Aug 2003 14:59:46 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id 20FBE6D461; Tue, 12 Aug 2003 14:59:46 -0500 (CDT) Date: Tue, 12 Aug 2003 14:59:46 -0500 From: "Jacques A. Vidrine" To: "Devon H. O'Dell" Message-ID: <20030812195946.GB51604@madman.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , "Devon H. O'Dell" , 'Jason Stone' , security@freebsd.org, kris@FreeBSD.org References: <20030812042912.V3417@walter> <006601c360c9$3c9cfc40$9f8d2ed5@internal> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <006601c360c9$3c9cfc40$9f8d2ed5@internal> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: 'Jason Stone' cc: kris@FreeBSD.org cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 19:59:48 -0000 On Tue, Aug 12, 2003 at 01:59:51PM +0200, Devon H. O'Dell wrote: > In any case, IBM has a stack smashing protection patch for GCC 3.3 on > FreeBSD 4.8 available at > http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html (the > description page is at http://www.trl.ibm.com/projects/security/ssp/). It > currently works in the latest cvsupped source from 5.1 as well (I've built > and tested it). http://www.research.ibm.com/trl/projects/security/ssp/ has the latest. Yes, I'd like to see this in the base system as well. Our toolchain in 5.x is calming down a bit, maybe the timing is getting ripe. I thought Kris looked into this before, but I don't recall what might have ultimately stopped him from making the commits. cc:ing him in case he has insight to share. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:01:36 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FD7237B401; Tue, 12 Aug 2003 13:01:36 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id AC2E043F93; Tue, 12 Aug 2003 13:01:35 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 491F75482B; Tue, 12 Aug 2003 15:01:35 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id B63346D461; Tue, 12 Aug 2003 15:01:34 -0500 (CDT) Date: Tue, 12 Aug 2003 15:01:34 -0500 From: "Jacques A. Vidrine" To: "Devon H. O'Dell" Message-ID: <20030812200134.GC51604@madman.celabo.org> References: <20030812113147.GA1022@FreeBSD.org> <005901c360c6$a257a5b0$9f8d2ed5@internal> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <005901c360c6$a257a5b0$9f8d2ed5@internal> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: "'Simon L. Nielsen'" cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:01:36 -0000 On Tue, Aug 12, 2003 at 01:41:13PM +0200, Devon H. O'Dell wrote: > However, it is also one that > will boost the image of FreeBSD as well as make it more accepted by > third-party auditors (who I'd also like to see audit FreeBSD). Who are these `third-party auditors'? > Additionally (and somewhat unrelated), Linux was recently audited and given > the status "very secure". REALLY? Wow, ``very secure''!! I'm switching!! (Tongue-in-cheek) I think we'd need deep pockets for just about ANY kind of useful certification, security-related or not. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:06:30 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9159137B401 for ; Tue, 12 Aug 2003 13:06:30 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id D7C3443F75 for ; Tue, 12 Aug 2003 13:06:29 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id 6BB465482B; Tue, 12 Aug 2003 15:06:29 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id EB9136D473; Tue, 12 Aug 2003 15:06:28 -0500 (CDT) Date: Tue, 12 Aug 2003 15:06:28 -0500 From: "Jacques A. Vidrine" To: Chris Odell Message-ID: <20030812200628.GD51604@madman.celabo.org> References: <009d01c360df$d2afb590$9f8d2ed5@internal> <000201c360e4$9a450390$0304a8c0@delllaptop> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <000201c360e4$9a450390$0304a8c0@delllaptop> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: "'Devon H. O'Dell'" cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:06:30 -0000 On Tue, Aug 12, 2003 at 08:15:41AM -0700, Chris Odell wrote: > > Corporations - INTERNET Companies... > > If you look at the big picture, having a O.S. that has been audited > for issues would actually be cost effective for them. Having to patch a > machine that is in service causes downtime. > > Lets see - > > Each machine takes ten (10) minutes of human work to drop into single > user mode and install new binaries/kernels > > The company has one thousand (1000) machines > > That comes to ten thousand (10000) minutes, broken down to hours - 167 > Hours > > The average admin say is making forty five (45) dollars a hour - over > $7000.00 - not including taxes paid by employer. > > So if one hundred fifty companies donated one thousand dollars (1000) > it would save them downtime, payroll, and taxes. > > Just a rough estimate and my 2 cents Not to discount your actual point (auditing for issues may be cost effective), but this may be a poor example. We (Verio) have huge numbers of FreeBSD servers, but distributing an upgrade is fairly painless... particularly if it is a new kernel. We don't need anywhere near 10 minutes of human time per machine. I'm pretty sure other hosting companies (or other companies with beaucoup servers) likewise have this corner of operations down to a science. Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:12:20 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A810637B401; Tue, 12 Aug 2003 13:12:20 -0700 (PDT) Received: from amsfep15-int.chello.nl (amsfep15-int.chello.nl [213.46.243.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id C462143FAF; Tue, 12 Aug 2003 13:12:16 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep15-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812201215.VZX23618.amsfep15-int.chello.nl@internal>; Tue, 12 Aug 2003 22:12:15 +0200 From: "Devon H. O'Dell" To: "'Jacques A. Vidrine'" Date: Tue, 12 Aug 2003 22:12:10 +0200 Organization: SiteTronics Message-ID: <000001c3610e$05e7f570$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812200134.GC51604@madman.celabo.org> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: "'Simon L. Nielsen'" cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:12:21 -0000 > On Tue, Aug 12, 2003 at 01:41:13PM +0200, Devon H. O'Dell wrote: > > However, it is also one that > > will boost the image of FreeBSD as well as make it more accepted by > > third-party auditors (who I'd also like to see audit FreeBSD). >=20 > Who are these `third-party auditors'? There are a few who do security-related audits. I'll see if I can get a = list made up. =20 > > Additionally (and somewhat unrelated), Linux was recently audited = and > given > > the status "very secure". >=20 > REALLY? Wow, ``very secure''!! I'm switching!! (Tongue-in-cheek) >=20 > I think we'd need deep pockets for just about ANY kind of useful > certification, security-related or not. We probably would. This is why I'm suggesting that it become something = we stick on the front page of freebsd.org/freebsdfoundation.org. Since = FreeBSD is a not-for-profit organization (as Chris Odell pointed out) I think = it'd actually be attractive for people (and corporations using FreeBSD) to = donate as it would be tax-deductible. It just needs to be made well-known that = this is a goal of the Foundation, and I think people will be willing to = donate to it. We've already had $300 of pledges today :) --Devon > Cheers, > -- > Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal > nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . > nectar@kth.se > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:14:58 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E8C237B401; Tue, 12 Aug 2003 13:14:58 -0700 (PDT) Received: from amsfep13-int.chello.nl (amsfep13-int.chello.nl [213.46.243.24]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8C2BD43F75; Tue, 12 Aug 2003 13:14:56 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep13-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812201455.OKME16676.amsfep13-int.chello.nl@internal>; Tue, 12 Aug 2003 22:14:55 +0200 From: "Devon H. O'Dell" To: "'Jacques A. Vidrine'" Date: Tue, 12 Aug 2003 22:14:54 +0200 Organization: SiteTronics Message-ID: <000101c3610e$64f4ff40$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812195946.GB51604@madman.celabo.org> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: 'Jason Stone' cc: kris@FreeBSD.org cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:14:58 -0000 I'd be willing to take over merging this into the base system if Kris has lost interest. Kind regards, Devon H. O'Dell Systems and Network Engineer Simpli, Inc. Web Hosting http://www.simpli.biz > -----Oorspronkelijk bericht----- > Van: Jacques A. Vidrine [mailto:nectar@FreeBSD.org] > Verzonden: Tuesday, August 12, 2003 10:00 PM > Aan: Devon H. O'Dell > CC: 'Jason Stone'; security@freebsd.org; kris@FreeBSD.org > Onderwerp: Re: realpath(3) et al > > On Tue, Aug 12, 2003 at 01:59:51PM +0200, Devon H. O'Dell wrote: > > In any case, IBM has a stack smashing protection patch for GCC 3.3 on > > FreeBSD 4.8 available at > > http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html (the > > description page is at http://www.trl.ibm.com/projects/security/ssp/). > It > > currently works in the latest cvsupped source from 5.1 as well (I've > built > > and tested it). > > http://www.research.ibm.com/trl/projects/security/ssp/ has the latest. > Yes, I'd like to see this in the base system as well. Our toolchain > in 5.x is calming down a bit, maybe the timing is getting ripe. > > I thought Kris looked into this before, but I don't recall what might > have ultimately stopped him from making the commits. cc:ing him in > case he has insight to share. > > Cheers, > -- > Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal > nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . > nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:28:22 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA68037B404 for ; Tue, 12 Aug 2003 13:28:22 -0700 (PDT) Received: from web10108.mail.yahoo.com (web10108.mail.yahoo.com [216.136.130.58]) by mx1.FreeBSD.org (Postfix) with SMTP id 80E6743F93 for ; Tue, 12 Aug 2003 13:28:22 -0700 (PDT) (envelope-from twigles@yahoo.com) Message-ID: <20030812202822.28566.qmail@web10108.mail.yahoo.com> Received: from [68.5.49.41] by web10108.mail.yahoo.com via HTTP; Tue, 12 Aug 2003 13:28:22 PDT Date: Tue, 12 Aug 2003 13:28:22 -0700 (PDT) From: twig les To: security@freebsd.org In-Reply-To: <000001c3610e$05e7f570$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Subject: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:28:23 -0000 I actually just asked about FreeBSD's status regarding Common Criteria last week on -questions but no one knew; one guy answered that it would be wasteful. Is this the cert on everyone's mind? It would be nice to have this cert for the 5.x line but I understand that it is massively expensive and the resources may be better spent on development. Has the team discussed this? --- "Devon H. O'Dell" wrote: > > On Tue, Aug 12, 2003 at 01:41:13PM +0200, Devon H. O'Dell > wrote: > > > However, it is also one that > > > will boost the image of FreeBSD as well as make it more > accepted by > > > third-party auditors (who I'd also like to see audit > FreeBSD). > > > > Who are these `third-party auditors'? > > There are a few who do security-related audits. I'll see if I > can get a list > made up. > > > > Additionally (and somewhat unrelated), Linux was recently > audited and > > given > > > the status "very secure". > > > > REALLY? Wow, ``very secure''!! I'm switching!! > (Tongue-in-cheek) > > > > I think we'd need deep pockets for just about ANY kind of > useful > > certification, security-related or not. > > We probably would. This is why I'm suggesting that it become > something we > stick on the front page of freebsd.org/freebsdfoundation.org. > Since FreeBSD > is a not-for-profit organization (as Chris Odell pointed out) > I think it'd > actually be attractive for people (and corporations using > FreeBSD) to donate > as it would be tax-deductible. It just needs to be made > well-known that this > is a goal of the Foundation, and I think people will be > willing to donate to > it. We've already had $300 of pledges today :) > > --Devon > > > Cheers, > > -- > > Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX > . Heimdal > > nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org > . > > nectar@kth.se > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to "freebsd-security- > > unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" ===== ----------------------------------------------------------- Emo is what happens when the glee club goes punk. ----------------------------------------------------------- __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:32:34 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E34CC37B401 for ; Tue, 12 Aug 2003 13:32:33 -0700 (PDT) Received: from amsfep11-int.chello.nl (amsfep11-int.chello.nl [213.46.243.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id 5DE7A43FAF for ; Tue, 12 Aug 2003 13:32:28 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep11-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812203227.BGJW11121.amsfep11-int.chello.nl@internal>; Tue, 12 Aug 2003 22:32:27 +0200 From: "Devon H. O'Dell" To: "'twig les'" , Date: Tue, 12 Aug 2003 22:32:26 +0200 Organization: SiteTronics Message-ID: <000401c36110$d7db4b70$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812202822.28566.qmail@web10108.mail.yahoo.com> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: RE: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:32:34 -0000 This is what I'm wondering about and what I'd like to contribute and donate to/for. I don't feel that it would be a waste of time. I feel that it would give: a) A better image of FreeBSD b) More reason for corporations to actually *use* FreeBSD, and c) Stop all the people on /. from whining about how FreeBSD is dead (like anybody gives a (#*@ but okay ;) My other thread is re: stack smashing protection. Lets separate the two. --Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens twig les > Verzonden: Tuesday, August 12, 2003 10:28 PM > Aan: security@freebsd.org > Onderwerp: Certification (was RE: realpath(3) et al) > > I actually just asked about FreeBSD's status regarding Common > Criteria last week on -questions but no one knew; one guy > answered that it would be wasteful. Is this the cert on > everyone's mind? It would be nice to have this cert for the 5.x > line but I understand that it is massively expensive and the > resources may be better spent on development. Has the team > discussed this? > > > --- "Devon H. O'Dell" wrote: > > > On Tue, Aug 12, 2003 at 01:41:13PM +0200, Devon H. O'Dell > > wrote: > > > > However, it is also one that > > > > will boost the image of FreeBSD as well as make it more > > accepted by > > > > third-party auditors (who I'd also like to see audit > > FreeBSD). > > > > > > Who are these `third-party auditors'? > > > > There are a few who do security-related audits. I'll see if I > > can get a list > > made up. > > > > > > Additionally (and somewhat unrelated), Linux was recently > > audited and > > > given > > > > the status "very secure". > > > > > > REALLY? Wow, ``very secure''!! I'm switching!! > > (Tongue-in-cheek) > > > > > > I think we'd need deep pockets for just about ANY kind of > > useful > > > certification, security-related or not. > > > > We probably would. This is why I'm suggesting that it become > > something we > > stick on the front page of freebsd.org/freebsdfoundation.org. > > Since FreeBSD > > is a not-for-profit organization (as Chris Odell pointed out) > > I think it'd > > actually be attractive for people (and corporations using > > FreeBSD) to donate > > as it would be tax-deductible. It just needs to be made > > well-known that this > > is a goal of the Foundation, and I think people will be > > willing to donate to > > it. We've already had $300 of pledges today :) > > > > --Devon > > > > > Cheers, > > > -- > > > Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX > > . Heimdal > > > nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org > > . > > > nectar@kth.se > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to "freebsd-security- > > > unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" > > > ===== > ----------------------------------------------------------- > Emo is what happens when the glee club goes punk. > ----------------------------------------------------------- > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > http://sitebuilder.yahoo.com > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:48:05 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E37F337B401; Tue, 12 Aug 2003 13:48:05 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-107-97.dsl.lsan03.pacbell.net [64.169.107.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0CF3C43FA3; Tue, 12 Aug 2003 13:48:05 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id B2A8766B04; Tue, 12 Aug 2003 13:48:04 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id 89A65788; Tue, 12 Aug 2003 13:48:04 -0700 (PDT) Date: Tue, 12 Aug 2003 13:48:04 -0700 From: Kris Kennaway To: "Jacques A. Vidrine" , "Devon H. O'Dell" , 'Jason Stone' , security@freebsd.org, kris@FreeBSD.org Message-ID: <20030812204804.GC49087@rot13.obsecurity.org> References: <20030812042912.V3417@walter> <006601c360c9$3c9cfc40$9f8d2ed5@internal> <20030812195946.GB51604@madman.celabo.org> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="RIYY1s2vRbPFwWeW" Content-Disposition: inline In-Reply-To: <20030812195946.GB51604@madman.celabo.org> User-Agent: Mutt/1.4.1i Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:48:06 -0000 --RIYY1s2vRbPFwWeW Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 12, 2003 at 02:59:46PM -0500, Jacques A. Vidrine wrote: > On Tue, Aug 12, 2003 at 01:59:51PM +0200, Devon H. O'Dell wrote: > > In any case, IBM has a stack smashing protection patch for GCC 3.3 on > > FreeBSD 4.8 available at > > http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html (the > > description page is at http://www.trl.ibm.com/projects/security/ssp/). = It > > currently works in the latest cvsupped source from 5.1 as well (I've bu= ilt > > and tested it). >=20 > http://www.research.ibm.com/trl/projects/security/ssp/ has the latest. > Yes, I'd like to see this in the base system as well. Our toolchain > in 5.x is calming down a bit, maybe the timing is getting ripe. >=20 > I thought Kris looked into this before, but I don't recall what might > have ultimately stopped him from making the commits. cc:ing him in > case he has insight to share. The gcc maintainer (David O'Brien at the time) was unwilling to support the burden of an external gcc patch which would need to be re-integrated by him each time a new gcc version was imported. Instead, we agreed that the best solution was to make a port that uses this patch, which can be updated periodically as the SSP authors track new gcc releases. Neither of us followed through on this though. Kris --RIYY1s2vRbPFwWeW Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/OVKDWry0BWjoQKURAoqsAJ9aF/dhvDwY32oCSTmFrwebYWUaEQCg46pO XaB1Yi3LBebp6pSmn7eJUY8= =cypF -----END PGP SIGNATURE----- --RIYY1s2vRbPFwWeW-- From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:49:37 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9CCAD37B405; Tue, 12 Aug 2003 13:49:37 -0700 (PDT) Received: from amsfep11-int.chello.nl (amsfep11-int.chello.nl [213.46.243.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id CD0A943F3F; Tue, 12 Aug 2003 13:49:35 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep11-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812204935.BPHE11121.amsfep11-int.chello.nl@internal>; Tue, 12 Aug 2003 22:49:35 +0200 From: "Devon H. O'Dell" To: "'Kris Kennaway'" , "'Jacques A. Vidrine'" , "'Jason Stone'" , , Date: Tue, 12 Aug 2003 22:49:33 +0200 Organization: SiteTronics Message-ID: <000e01c36113$3c6f8400$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812204804.GC49087@rot13.obsecurity.org> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:49:38 -0000 If you guys are too busy for maintaining this port, shall I take on this burden? --Devon > -----Oorspronkelijk bericht----- > Van: Kris Kennaway [mailto:kris@obsecurity.org] > Verzonden: Tuesday, August 12, 2003 10:48 PM > Aan: Jacques A. Vidrine; Devon H. O'Dell; 'Jason Stone'; > security@freebsd.org; kris@FreeBSD.org > Onderwerp: Re: realpath(3) et al >=20 > On Tue, Aug 12, 2003 at 02:59:46PM -0500, Jacques A. Vidrine wrote: > > On Tue, Aug 12, 2003 at 01:59:51PM +0200, Devon H. O'Dell wrote: > > > In any case, IBM has a stack smashing protection patch for GCC 3.3 = on > > > FreeBSD 4.8 available at > > > http://www.trl.ibm.com/projects/security/ssp/buildfreebsd.html = (the > > > description page is at = http://www.trl.ibm.com/projects/security/ssp/). > It > > > currently works in the latest cvsupped source from 5.1 as well = (I've > built > > > and tested it). > > > > http://www.research.ibm.com/trl/projects/security/ssp/ has the = latest. > > Yes, I'd like to see this in the base system as well. Our toolchain > > in 5.x is calming down a bit, maybe the timing is getting ripe. > > > > I thought Kris looked into this before, but I don't recall what = might > > have ultimately stopped him from making the commits. cc:ing him in > > case he has insight to share. >=20 > The gcc maintainer (David O'Brien at the time) was unwilling to > support the burden of an external gcc patch which would need to be > re-integrated by him each time a new gcc version was imported. >=20 > Instead, we agreed that the best solution was to make a port that uses > this patch, which can be updated periodically as the SSP authors track > new gcc releases. Neither of us followed through on this though. >=20 > Kris From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:56:27 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5266D37B401; Tue, 12 Aug 2003 13:56:27 -0700 (PDT) Received: from obsecurity.dyndns.org (adsl-64-169-107-97.dsl.lsan03.pacbell.net [64.169.107.97]) by mx1.FreeBSD.org (Postfix) with ESMTP id 89A8843F75; Tue, 12 Aug 2003 13:56:26 -0700 (PDT) (envelope-from kris@obsecurity.org) Received: from rot13.obsecurity.org (rot13.obsecurity.org [10.0.0.5]) by obsecurity.dyndns.org (Postfix) with ESMTP id 04E6366B04; Tue, 12 Aug 2003 13:56:26 -0700 (PDT) Received: by rot13.obsecurity.org (Postfix, from userid 1000) id C9B287A8; Tue, 12 Aug 2003 13:56:25 -0700 (PDT) Date: Tue, 12 Aug 2003 13:56:25 -0700 From: Kris Kennaway To: "Devon H. O'Dell" Message-ID: <20030812205625.GA49232@rot13.obsecurity.org> References: <20030812204804.GC49087@rot13.obsecurity.org> <000e01c36113$3c6f8400$9f8d2ed5@internal> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-sha1; protocol="application/pgp-signature"; boundary="wac7ysb48OaltWcw" Content-Disposition: inline In-Reply-To: <000e01c36113$3c6f8400$9f8d2ed5@internal> User-Agent: Mutt/1.4.1i cc: "'Jacques A. Vidrine'" cc: 'Jason Stone' cc: kris@FreeBSD.org cc: security@freebsd.org cc: 'Kris Kennaway' Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:56:27 -0000 --wac7ysb48OaltWcw Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On Tue, Aug 12, 2003 at 10:49:33PM +0200, Devon H. O'Dell wrote: > If you guys are too busy for maintaining this port, shall I take on this > burden? >=20 > --Devon Sure. I recommend making a slave port of the gcc33 and gcc295 ports. Kris --wac7ysb48OaltWcw Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/OVR5Wry0BWjoQKURAvFPAKDIWKRZ5bRXpR33wJN5h7iogOXvfQCdFGVG bpGFsOxCe6PXcfA9Cu2up+o= =PdN/ -----END PGP SIGNATURE----- --wac7ysb48OaltWcw-- From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 13:57:58 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8902C37B401; Tue, 12 Aug 2003 13:57:58 -0700 (PDT) Received: from amsfep12-int.chello.nl (amsfep12-int.chello.nl [213.46.243.18]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64C4A43FB1; Tue, 12 Aug 2003 13:57:56 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep12-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812205755.DBLD1274.amsfep12-int.chello.nl@internal>; Tue, 12 Aug 2003 22:57:55 +0200 From: "Devon H. O'Dell" To: "'Kris Kennaway'" Date: Tue, 12 Aug 2003 22:57:54 +0200 Organization: SiteTronics Message-ID: <003301c36114$66894c20$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812205625.GA49232@rot13.obsecurity.org> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: "'Jacques A. Vidrine'" cc: 'Jason Stone' cc: kris@FreeBSD.org cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 20:57:58 -0000 I'm on it. Thanks :) --Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Kris Kennaway > Verzonden: Tuesday, August 12, 2003 10:56 PM > Aan: Devon H. O'Dell > CC: 'Jacques A. Vidrine'; 'Jason Stone'; kris@FreeBSD.org; > security@freebsd.org; 'Kris Kennaway' > Onderwerp: Re: realpath(3) et al >=20 > On Tue, Aug 12, 2003 at 10:49:33PM +0200, Devon H. O'Dell wrote: > > If you guys are too busy for maintaining this port, shall I take on = this > > burden? > > > > --Devon >=20 > Sure. I recommend making a slave port of the gcc33 and gcc295 ports. >=20 > Kris From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 14:04:51 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id BF94A37B40F; Tue, 12 Aug 2003 14:04:51 -0700 (PDT) Received: from zephir.primus.ca (mail.tor.primus.ca [216.254.136.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id 8CF0343FA3; Tue, 12 Aug 2003 14:04:50 -0700 (PDT) (envelope-from leth@lethargic.dyndns.org) Received: from dialin-152-97.tor.primus.ca ([216.254.152.97] helo=lethargic.dyndns.org) by zephir.primus.ca with esmtp (TLSv1:DES-CBC3-SHA:168) (Exim 3.36 #3) id 19mgK0-0008R0-0A; Tue, 12 Aug 2003 17:04:49 -0400 Received: from lethargic.dyndns.org (localhost [127.0.0.1]) by lethargic.dyndns.org (8.12.9/8.12.9) with ESMTP id h7CL5aTm024174; Tue, 12 Aug 2003 17:05:37 -0400 (EDT) (envelope-from leth@lethargic.dyndns.org) Received: (from leth@localhost) by lethargic.dyndns.org (8.12.9/8.12.9/Submit) id h7CL5Z7Q024173; Tue, 12 Aug 2003 17:05:35 -0400 (EDT) Date: Tue, 12 Aug 2003 17:05:35 -0400 From: Jason Hunt To: "Simon L. Nielsen" Message-ID: <20030812210534.GA24139@lethargic.dyndns.org> References: <20030812085617.GA407@FreeBSD.org> <003501c360b0$6dad9970$9f8d2ed5@internal> <20030812113147.GA1022@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030812113147.GA1022@FreeBSD.org> User-Agent: Mutt/1.4.1i cc: "Devon H. O'Dell" cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 21:04:52 -0000 On Tue, Aug 12, 2003 at 01:31:49PM +0200, Simon L. Nielsen wrote: > On 2003.08.12 11:02:16 +0200, Devon H. O'Dell wrote: > > Is there a list of these bugs available anywhere? If not, what software is > > recommended to import, keep track of, and document these bugs? > > The audit fixes from OpenBSD? I have no idea if they keep track of them > in some special way, but I think that integrating whem will require a > lot of looking at CVS commit logs and comparing code. http://www.openbsd.org/plus.html A lot easier than going through CVS logs :) From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 14:15:46 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8CC8937B401 for ; Tue, 12 Aug 2003 14:15:46 -0700 (PDT) Received: from post-21.mail.nl.demon.net (post-21.mail.nl.demon.net [194.159.73.20]) by mx1.FreeBSD.org (Postfix) with ESMTP id DDB6D43F3F for ; Tue, 12 Aug 2003 14:15:45 -0700 (PDT) (envelope-from apehaar@text-only.demon.nl) Received: from [212.238.193.97] (helo=horcy) by post-21.mail.nl.demon.net with smtp (Exim 3.36 #1) id 19mgUa-000HIa-00 for security@freebsd.org; Tue, 12 Aug 2003 21:15:44 +0000 Message-ID: <00a401c36116$e3e50e00$0201a8c0@horcy> From: "horcy" To: Date: Tue, 12 Aug 2003 23:15:43 +0200 MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: Fw: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 21:15:46 -0000 That /. shit is indeed VERY annoying :( (FreeBSD dead WTF!!) But if I have to convince a customer why to choose for FreeBSD, I always use Yahoo! as an example. They got some ridiculous traffic and that site is ultra fast. They always buy that :D So for now i dont need an audit > > > ----- Original Message ----- > From: "Devon H. O'Dell" > To: "'twig les'" ; > Sent: Tuesday, August 12, 2003 10:32 PM > Subject: RE: Certification (was RE: realpath(3) et al) > > > > This is what I'm wondering about and what I'd like to contribute and > donate > > to/for. I don't feel that it would be a waste of time. I feel that it > would > > give: > > > > a) A better image of FreeBSD > > b) More reason for corporations to actually *use* FreeBSD, and > > c) Stop all the people on /. from whining about how FreeBSD is dead (like > > anybody gives a (#*@ but okay ;) > > > > My other thread is re: stack smashing protection. Lets separate the two. > > > > --Devon > > > > > -----Oorspronkelijk bericht----- > > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > > security@freebsd.org] Namens twig les > > > Verzonden: Tuesday, August 12, 2003 10:28 PM > > > Aan: security@freebsd.org > > > Onderwerp: Certification (was RE: realpath(3) et al) > > > > > > I actually just asked about FreeBSD's status regarding Common > > > Criteria last week on -questions but no one knew; one guy > > > answered that it would be wasteful. Is this the cert on > > > everyone's mind? It would be nice to have this cert for the 5.x > > > line but I understand that it is massively expensive and the > > > resources may be better spent on development. Has the team > > > discussed this? > > > > > > > > > --- "Devon H. O'Dell" wrote: > > > > > On Tue, Aug 12, 2003 at 01:41:13PM +0200, Devon H. O'Dell > > > > wrote: > > > > > > However, it is also one that > > > > > > will boost the image of FreeBSD as well as make it more > > > > accepted by > > > > > > third-party auditors (who I'd also like to see audit > > > > FreeBSD). > > > > > > > > > > Who are these `third-party auditors'? > > > > > > > > There are a few who do security-related audits. I'll see if I > > > > can get a list > > > > made up. > > > > > > > > > > Additionally (and somewhat unrelated), Linux was recently > > > > audited and > > > > > given > > > > > > the status "very secure". > > > > > > > > > > REALLY? Wow, ``very secure''!! I'm switching!! > > > > (Tongue-in-cheek) > > > > > > > > > > I think we'd need deep pockets for just about ANY kind of > > > > useful > > > > > certification, security-related or not. > > > > > > > > We probably would. This is why I'm suggesting that it become > > > > something we > > > > stick on the front page of freebsd.org/freebsdfoundation.org. > > > > Since FreeBSD > > > > is a not-for-profit organization (as Chris Odell pointed out) > > > > I think it'd > > > > actually be attractive for people (and corporations using > > > > FreeBSD) to donate > > > > as it would be tax-deductible. It just needs to be made > > > > well-known that this > > > > is a goal of the Foundation, and I think people will be > > > > willing to donate to > > > > it. We've already had $300 of pledges today :) > > > > > > > > --Devon > > > > > > > > > Cheers, > > > > > -- > > > > > Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX > > > > . Heimdal > > > > > nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org > > > > . > > > > > nectar@kth.se > > > > > _______________________________________________ > > > > > freebsd-security@freebsd.org mailing list > > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > > > To unsubscribe, send any mail to "freebsd-security- > > > > > unsubscribe@freebsd.org" > > > > > > > > _______________________________________________ > > > > freebsd-security@freebsd.org mailing list > > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > > To unsubscribe, send any mail to > > > "freebsd-security-unsubscribe@freebsd.org" > > > > > > > > > ===== > > > ----------------------------------------------------------- > > > Emo is what happens when the glee club goes punk. > > > ----------------------------------------------------------- > > > > > > __________________________________ > > > Do you Yahoo!? > > > Yahoo! SiteBuilder - Free, easy-to-use web site design software > > > http://sitebuilder.yahoo.com > > > _______________________________________________ > > > freebsd-security@freebsd.org mailing list > > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > > To unsubscribe, send any mail to "freebsd-security- > > > unsubscribe@freebsd.org" > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 15:13:26 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A5D2737B401 for ; Tue, 12 Aug 2003 15:13:26 -0700 (PDT) Received: from web10107.mail.yahoo.com (web10107.mail.yahoo.com [216.136.130.57]) by mx1.FreeBSD.org (Postfix) with SMTP id 377D443F75 for ; Tue, 12 Aug 2003 15:13:26 -0700 (PDT) (envelope-from twigles@yahoo.com) Message-ID: <20030812221326.25419.qmail@web10107.mail.yahoo.com> Received: from [68.5.49.41] by web10107.mail.yahoo.com via HTTP; Tue, 12 Aug 2003 15:13:26 PDT Date: Tue, 12 Aug 2003 15:13:26 -0700 (PDT) From: twig les To: Darren Reed In-Reply-To: <200308122048.h7CKmw66011400@caligula.anu.edu.au> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 22:13:26 -0000 Just saw this from eWeek. "IBM, which paid roughly $500,000 for the testing, and SuSE (pronounced "SOOS-ah") were announcing the certification jointly. " The article is here: http://www.eweek.com/article2/0,3959,1212529,00.asp --- Darren Reed wrote: > In some mail from twig les, sie said: > > > > I actually just asked about FreeBSD's status regarding > Common > > Criteria last week on -questions but no one knew; one guy > > answered that it would be wasteful. Is this the cert on > > everyone's mind? It would be nice to have this cert for the > 5.x > > line but I understand that it is massively expensive and the > > resources may be better spent on development. Has the team > > discussed this? > > Yes, evaluation is massively expensive. Why ? > > Because you have to pay someone (at consultant rates) to do > the > evaluation. A single firewall product, in Australia, can > expect > a cost of between $200k and $400k, I'm told. Now put that in > perspective of size vs an entire operating system, including > larger project overheads, etc, and the number swells > dramatically. > Oh, those numbers are in Australian Dollars. > > Darren ===== ----------------------------------------------------------- Emo is what happens when the glee club goes punk. ----------------------------------------------------------- __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 15:16:05 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2326B37B401 for ; Tue, 12 Aug 2003 15:16:05 -0700 (PDT) Received: from amsfep16-int.chello.nl (amsfep16-int.chello.nl [213.46.243.26]) by mx1.FreeBSD.org (Postfix) with ESMTP id AF4FF43F3F for ; Tue, 12 Aug 2003 15:16:03 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep16-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030812221602.OVVL10454.amsfep16-int.chello.nl@internal>; Wed, 13 Aug 2003 00:16:02 +0200 From: "Devon H. O'Dell" To: "'twig les'" , "'Darren Reed'" Date: Wed, 13 Aug 2003 00:16:00 +0200 Organization: SiteTronics Message-ID: <004201c3611f$4fda68a0$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030812221326.25419.qmail@web10107.mail.yahoo.com> Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 cc: security@freebsd.org Subject: RE: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 22:16:05 -0000 Well this takes about $1,000,000 off our previous figure. --Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens twig les > Verzonden: Wednesday, August 13, 2003 12:13 AM > Aan: Darren Reed > CC: security@freebsd.org > Onderwerp: Re: Certification (was RE: realpath(3) et al) > > Just saw this from eWeek. > > "IBM, which paid roughly $500,000 for the testing, and SuSE > (pronounced "SOOS-ah") were announcing the certification > jointly. " > > The article is here: > http://www.eweek.com/article2/0,3959,1212529,00.asp > > > > --- Darren Reed wrote: > > In some mail from twig les, sie said: > > > > > > I actually just asked about FreeBSD's status regarding > > Common > > > Criteria last week on -questions but no one knew; one guy > > > answered that it would be wasteful. Is this the cert on > > > everyone's mind? It would be nice to have this cert for the > > 5.x > > > line but I understand that it is massively expensive and the > > > resources may be better spent on development. Has the team > > > discussed this? > > > > Yes, evaluation is massively expensive. Why ? > > > > Because you have to pay someone (at consultant rates) to do > > the > > evaluation. A single firewall product, in Australia, can > > expect > > a cost of between $200k and $400k, I'm told. Now put that in > > perspective of size vs an entire operating system, including > > larger project overheads, etc, and the number swells > > dramatically. > > Oh, those numbers are in Australian Dollars. > > > > Darren > > > ===== > ----------------------------------------------------------- > Emo is what happens when the glee club goes punk. > ----------------------------------------------------------- > > __________________________________ > Do you Yahoo!? > Yahoo! SiteBuilder - Free, easy-to-use web site design software > http://sitebuilder.yahoo.com > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 15:23:35 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 996A537B401 for ; Tue, 12 Aug 2003 15:23:35 -0700 (PDT) Received: from mail-pm.star.spb.ru (mail-pm.star.spb.ru [217.195.82.1]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6BA9643FA3 for ; Tue, 12 Aug 2003 15:23:34 -0700 (PDT) (envelope-from nkritsky@internethelp.ru) Received: from pink.star.spb.ru ([217.195.82.10]) by mail-pm.star.spb.ru (8.12.9/8.12.8) with ESMTP id h7CMNMPW047062; Wed, 13 Aug 2003 02:23:23 +0400 (MSD) Received: from IBMKA ([217.195.82.7]) by pink.star.spb.ru with SMTP (Microsoft Exchange Internet Mail Service Version 5.5.2653.13) id PQJDYFS4; Wed, 13 Aug 2003 02:23:22 +0400 Date: Wed, 13 Aug 2003 02:23:53 +0400 From: "Nickolay A. Kritsky" X-Mailer: The Bat! (v1.49) Personal X-Priority: 3 (Normal) Message-ID: <150361279001.20030813022353@internethelp.ru> To: "Devon H. O'Dell" In-reply-To: <004201c3611f$4fda68a0$9f8d2ed5@internal> References: <004201c3611f$4fda68a0$9f8d2ed5@internal> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit cc: 'Darren Reed' cc: security@freebsd.org Subject: Re[2]: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Nickolay A. Kritsky" List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 22:23:36 -0000 Hello Devon, go to -chat please with this discussion. Or maybe to -advocacy no oofence meant. it's just off-topic for this list. Wednesday, August 13, 2003, 2:16:00 AM, you wrote: DHOD> Well this takes about $1,000,000 off our previous figure. DHOD> --Devon >> -----Oorspronkelijk bericht----- >> Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- >> security@freebsd.org] Namens twig les >> Verzonden: Wednesday, August 13, 2003 12:13 AM >> Aan: Darren Reed >> CC: security@freebsd.org >> Onderwerp: Re: Certification (was RE: realpath(3) et al) >> >> Just saw this from eWeek. >> >> "IBM, which paid roughly $500,000 for the testing, and SuSE >> (pronounced "SOOS-ah") were announcing the certification >> jointly. " >> >> The article is here: >> http://www.eweek.com/article2/0,3959,1212529,00.asp >> >> >> >> --- Darren Reed wrote: >> > In some mail from twig les, sie said: >> > > >> > > I actually just asked about FreeBSD's status regarding >> > Common >> > > Criteria last week on -questions but no one knew; one guy >> > > answered that it would be wasteful. Is this the cert on >> > > everyone's mind? It would be nice to have this cert for the >> > 5.x >> > > line but I understand that it is massively expensive and the >> > > resources may be better spent on development. Has the team >> > > discussed this? >> > >> > Yes, evaluation is massively expensive. Why ? >> > >> > Because you have to pay someone (at consultant rates) to do >> > the >> > evaluation. A single firewall product, in Australia, can >> > expect >> > a cost of between $200k and $400k, I'm told. Now put that in >> > perspective of size vs an entire operating system, including >> > larger project overheads, etc, and the number swells >> > dramatically. >> > Oh, those numbers are in Australian Dollars. >> > >> > Darren >> >> >> ===== >> ----------------------------------------------------------- >> Emo is what happens when the glee club goes punk. >> ----------------------------------------------------------- >> >> __________________________________ >> Do you Yahoo!? >> Yahoo! SiteBuilder - Free, easy-to-use web site design software >> http://sitebuilder.yahoo.com >> _______________________________________________ >> freebsd-security@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-security >> To unsubscribe, send any mail to "freebsd-security- >> unsubscribe@freebsd.org" DHOD> _______________________________________________ DHOD> freebsd-security@freebsd.org mailing list DHOD> http://lists.freebsd.org/mailman/listinfo/freebsd-security DHOD> To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" ;------------------------------------------- ; NKritsky ; mailto:nkritsky@internethelp.ru From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 15:37:50 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AF58A37B408; Tue, 12 Aug 2003 15:37:50 -0700 (PDT) Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by mx1.FreeBSD.org (Postfix) with ESMTP id C3FDF43FA3; Tue, 12 Aug 2003 15:37:48 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: from freefall.freebsd.org (nectar@localhost [127.0.0.1]) by freefall.freebsd.org (8.12.9/8.12.9) with ESMTP id h7CMbmUp087005; Tue, 12 Aug 2003 15:37:48 -0700 (PDT) (envelope-from security-advisories@freebsd.org) Received: (from nectar@localhost) by freefall.freebsd.org (8.12.9/8.12.9/Submit) id h7CMbmsr087003; Tue, 12 Aug 2003 15:37:48 -0700 (PDT) Date: Tue, 12 Aug 2003 15:37:48 -0700 (PDT) Message-Id: <200308122237.h7CMbmsr087003@freefall.freebsd.org> X-Authentication-Warning: freefall.freebsd.org: nectar set sender to security-advisories@freebsd.org using -f From: FreeBSD Security Advisories To: FreeBSD Security Advisories Precedence: bulk Subject: FreeBSD Security Advisory FreeBSD-SA-03:09.signal [REVISED] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Reply-To: security-advisories@freebsd.org List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 22:37:51 -0000 -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 ============================================================================= FreeBSD-SA-03:09.signal Security Advisory The FreeBSD Project Topic: Insufficient range checking of signal numbers Category: core Module: sys Announced: 2003-08-10 Affects: All releases of FreeBSD up to and including 4.8-RELEASE-p1, 5.1-RELEASE (but see `Impact' below) FreeBSD 4-STABLE prior to the correction date Corrected: 2003-08-10 23:09:28 UTC (RELENG_4) 2003-08-10 23:14:08 UTC (RELENG_5_1) 2003-08-10 23:17:48 UTC (RELENG_5_0) 2003-08-10 23:19:35 UTC (RELENG_4_8) 2003-08-11 10:14:38 UTC (RELENG_4_7) 2003-08-11 10:16:35 UTC (RELENG_4_6) 2003-08-12 20:23:24 UTC (RELENG_4_5) 2003-08-12 20:23:51 UTC (RELENG_4_4) 2003-08-12 20:24:13 UTC (RELENG_4_3) FreeBSD only: YES For general information regarding FreeBSD Security Advisories, including descriptions of the fields above, security branches, and the following sections, please visit . 0. Revision History v1.0 2003-08-10 Initial release v1.1 2003-08-11 Updated correction details for RELENG_4_7, RELENG_4_6, RELENG_4_5, RELENG_4_4, RELENG_4_3 branches. Corrected an internal section reference. Corrected a source file path name. I. Background Signals are a UNIX mechanism for handling asynchronous events such as pressing the terminal interrupt key (e.g. Ctrl-C), job control, memory access violations, I/O completion, and many others. Each signal is assigned a positive number. There are a number of mechanisms by which a process may cause a signal to be sent, including using the kill(2) system call or registering with certain device drivers. II. Problem Description Some mechanisms for causing a signal to be sent did not properly validate the signal number, in some cases allowing the kernel to attempt to deliver a negative or out-of-range signal number. Such errors were present in the ptrace(2) system call and the `spigot' video capture device driver. The error in ptrace(2) was introduced in FreeBSD version 4.2-RELEASE (4-STABLE dated Oct 26 04:34:41 2000 UTC). The `spigot' device driver (including the error) was introduced in FreeBSD 2.0.5. It has never been included in the kernel installed by default, nor in the GENERIC kernel configuration. Only systems with `device spigot' added to the kernel configuration are affected by this instance of the error. III. Impact In most cases, attempted delivery of a negative or out-of-range signal number will trigger an assertion failure and panic, thereby crashing the system. A malicious local user could use this vulnerability as a local denial-of-service attack. However, in FreeBSD 5.x, the assertion code is not present if the `INVARIANTS' kernel option is not used. In FreeBSD 5.0-RELEASE and 5.1-RELEASE, `INVARIANTS' is not enabled by default. In this configuration, a malicious local user could use this vulnerability to modify kernel memory, potentially leading to complete system compromise. (FreeBSD 4.x is not vulnerable in this way.) IV. Workaround There is no workaround for the local denial-of-service attack. The more severe impact, present only in FreeBSD 5.x systems, can be avoided by uncommenting or adding the `INVARIANTS' line to your kernel configuration: options INVARIANTS #Enable calls of extra sanity checking Recompile your kernel as described in and reboot the system. NOTE WELL: This workaround is only for FreeBSD 5.x systems. This workaround does not eliminate the possibility of a local denial-of-service attack. V. Solution 1) Upgrade your vulnerable system to 4.8-STABLE, or to any of the RELENG_4_8 (4.8-RELEASE-p2), RELENG_4_7 (4.7-RELEASE-p12), or RELENG_5_1 (5.1-RELEASE-p1) security branches dated after the respective correction dates. 2) To patch your present system: a) Download the relevant patch from the location below, and verify the detached PGP signature using your PGP utility. [FreeBSD 5.1-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal51.patch.asc [FreeBSD 5.0-RELEASE] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal50.patch.asc [FreeBSD 4.8-RELEASE, 4.8-STABLE, 4.7-STABLE dated Jan 2 20:39:13 2003 UTC or later] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal4s.patch.asc [FreeBSD 4.3-RELEASE through 4.7-RELEASE, 4.7-STABLE dated before Jan 2 20:39:13 2003 UTC] # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch # fetch ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:09/signal47.patch.asc b) Apply the patch. # cd /usr/src # patch < /path/to/patch c) Recompile your kernel as described in and reboot the system. VI. Correction details The following list contains the revision numbers of each file that was corrected in FreeBSD. Branch Revision Path - ------------------------------------------------------------------------- src/sys/UPDATING RELENG_5_1 1.251.2.2 RELENG_5_0 1.229.2.15 RELENG_4_8 1.73.2.80.2.4 RELENG_4_7 1.73.2.74.2.15 RELENG_4_6 1.73.2.68.2.43 RELENG_4_5 1.73.2.50.2.45 RELENG_4_4 1.73.2.43.2.46 RELENG_4_3 1.73.2.28.2.33 src/sys/conf/newvers.sh RELENG_5_1 1.50.2.3 RELENG_5_0 1.48.2.10 RELENG_4_8 1.44.2.29.2.3 RELENG_4_7 1.44.2.26.2.14 RELENG_4_6 1.44.2.23.2.32 RELENG_4_5 1.44.2.20.2.29 RELENG_4_4 1.44.2.17.2.37 RELENG_4_3 1.44.2.14.2.23 src/sys/i386/isa/spigot.c RELENG_4 1.44.2.1 RELENG_5_1 1.58.2.1 RELENG_5_0 1.55.2.1 RELENG_4_8 1.44.14.1 RELENG_4_7 1.44.12.1 RELENG_4_6 1.44.10.1 RELENG_4_5 1.44.8.1 RELENG_4_4 1.44.6.1 RELENG_4_3 1.44.4.1 src/sys/kern/sys_process.c RELENG_4 1.51.2.7 RELENG_5_1 1.108.2.1 RELENG_5_0 1.104.2.1 RELENG_4_8 1.51.2.6.2.1 RELENG_4_7 1.51.2.4.2.2 RELENG_4_6 1.51.2.3.4.2 RELENG_4_5 1.51.2.3.2.2 RELENG_4_4 1.51.2.1.4.3 RELENG_4_3 1.51.2.1.2.3 src/sys/kern/kern_sig.c RELENG_5_1 1.239.2.1 RELENG_5_0 1.197.2.1 - ------------------------------------------------------------------------- -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.2.2 (FreeBSD) iD8DBQE/OVDMFdaIBMps37IRAsaBAJ4zAzw4sDcu2oc/M7iiXfLQzg8WogCeNqeF Di+jeJfFrpGAh+/JxUAW/60= =qXMR -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 15:48:28 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2B38137B405 for ; Tue, 12 Aug 2003 15:48:28 -0700 (PDT) Received: from gw.celabo.org (gw.celabo.org [208.42.49.153]) by mx1.FreeBSD.org (Postfix) with ESMTP id 59A8343FBD for ; Tue, 12 Aug 2003 15:48:27 -0700 (PDT) (envelope-from nectar@celabo.org) Received: from madman.celabo.org (madman.celabo.org [10.0.1.111]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (Client CN "madman.celabo.org", Issuer "celabo.org CA" (verified OK)) by gw.celabo.org (Postfix) with ESMTP id EA28A5487E; Tue, 12 Aug 2003 17:48:26 -0500 (CDT) Received: by madman.celabo.org (Postfix, from userid 1001) id 8CE376D461; Tue, 12 Aug 2003 17:48:26 -0500 (CDT) Date: Tue, 12 Aug 2003 17:48:26 -0500 From: "Jacques A. Vidrine" To: Chris Byrnes Message-ID: <20030812224825.GA52874@madman.celabo.org> Mail-Followup-To: "Jacques A. Vidrine" , Chris Byrnes , freebsd-security@FreeBSD.org, cliph@isec.pl, funkysh@isec.pl References: <200308051202.h75C2e6S072245@freefall.freebsd.org> <093801c36122$bc756b60$1abcd118@wi.rr.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <093801c36122$bc756b60$1abcd118@wi.rr.com> X-Url: http://www.celabo.org/ User-Agent: Mutt/1.5.4i-ja.1 cc: freebsd-security@FreeBSD.org cc: funkysh@isec.pl cc: cliph@isec.pl Subject: Re: FreeBSD Security Advisory FreeBSD-SA-03:08.realpath [REVISED] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 12 Aug 2003 22:48:28 -0000 [Follow-ups set to freebsd-security@. Folks there might be around to help you, while I'm gone for the evening :-) ] On Tue, Aug 12, 2003 at 05:40:29PM -0500, Chris Byrnes wrote: > Sorry to bother you, but not sure what the problem is.. > > awww# fetch > ftp://ftp.FreeBSD.org/pub/FreeBSD/CERT/patches/SA-03:08/realpath.patch > Receiving realpath.patch (691 bytes): 100% > 691 bytes transferred in 0.0 seconds (39.62 kBps) > awww# patch < realpath.patch > Hmm... Looks like a new-style context diff to me... > The text leading up to this was: > -------------------------- > |Index: lib/libc/stdlib/realpath.c > |=================================================================== > |RCS file: /home/ncvs/src/lib/libc/stdlib/realpath.c,v > |retrieving revision 1.9 > |diff -c -c -r1.9 realpath.c > |*** lib/libc/stdlib/realpath.c 27 Jan 2000 23:06:50 -0000 1.9 > |--- lib/libc/stdlib/realpath.c 3 Aug 2003 17:21:20 -0000 > -------------------------- > Patching file lib/libc/stdlib/realpath.c using Plan A... > Hunk #1 failed at 138. > 1 out of 1 hunks failed--saving rejects to lib/libc/stdlib/realpath.c.rej > done > awww# > > Any ideas? Thank you for your help! You did not indicate what version of FreeBSD you are attempting to patch. Is it one of the versions indicated as affected in the advisory? (copied here for your convenience) > Affects: All releases of FreeBSD up to and including 4.8-RELEASE > and 5.0-RELEASE > FreeBSD 4-STABLE prior to May 22 17:11:44 2003 UTC Cheers, -- Jacques Vidrine . NTT/Verio SME . FreeBSD UNIX . Heimdal nectar@celabo.org . jvidrine@verio.net . nectar@freebsd.org . nectar@kth.se From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 18:06:33 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1126737B401 for ; Tue, 12 Aug 2003 18:06:33 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7FC4D43F3F for ; Tue, 12 Aug 2003 18:06:32 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 5932915256; Tue, 12 Aug 2003 18:06:32 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 585A01524D for ; Tue, 12 Aug 2003 18:06:32 -0700 (PDT) Date: Tue, 12 Aug 2003 18:06:32 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <20030812085617.GA407@FreeBSD.org> Message-ID: <20030812180122.C96000@fubar.adept.org> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> <20030812085617.GA407@FreeBSD.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2003 01:06:33 -0000 On Tue, 12 Aug 2003, Simon L. Nielsen wrote: > There is http://www.freebsd.org/auditors.html but it hasn't been updated for > a very long time. that's the one i was thinking of -- thanks. > BTW, if anybody really wants to start up the audit project again, I > think somebody should take a look at integrating some of the changes > OpenBSD has made. No reason to spend time finding the bugs OpenBSD has > already fixed. *sigh* i'd hoped the project was 'always' ongoing, and that sharing and/or integrating changes amongst the various BSD source trees would be commonplace. the fact that it's not clearly illustrates that our biggest enemey in the security game is ourselves. (by 'selves' i mean anyone who feels not sharing a security or bug fix is a good idea.) perhaps the page can not only be updated, but given more visibilitiy? i'd think something on the front page indicating our code base undergoes continuous audting would be... good. -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 18:25:53 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0122837B401 for ; Tue, 12 Aug 2003 18:25:53 -0700 (PDT) Received: from 100m.mpr200-2.esr.lvcm.net (100m.mpr200-2.esr.lvcm.net [24.234.0.81]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2631B43F75 for ; Tue, 12 Aug 2003 18:25:52 -0700 (PDT) (envelope-from chris@redstarnetworks.net) Received: from delllaptop (ip68-108-123-213.lv.lv.cox.net [68.108.123.213]) by 100m.mpr200-2.esr.lvcm.net (Mirapoint Messaging Server MOS 2.9.3.5) with ESMTP id AZL18131; Tue, 12 Aug 2003 18:25:48 -0700 (PDT) From: "Chris Odell" To: "'Scott Lambert'" , Date: Tue, 12 Aug 2003 18:20:11 -0700 Organization: Red Star Networks, INC Message-ID: <000b01c36139$0aa8f160$0b05a8c0@delllaptop> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.2627 Importance: Normal X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2600.0000 In-Reply-To: <20030813011112.GB942@laptop.lambertfam.org> Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: chris@redstarnetworks.net List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2003 01:25:53 -0000 Sometimes I wonder why im on this list.... I was just throwing something out there, before my first cup and about fifteen minutes after awaking. I did in fact clarify this in one more additional message, after I received this kind of garble in my inbox. People like this are a waste of bandwidth.... I'm sure ill be banned after someone reads this with some sort of authority, so for the people that actually have some sort of sense it has been very educational/fun. Chris Odell chris@redstarnetworks.net p/f: 702.646.2830 t/f: 800.646.2830 -----Original Message----- From: Scott Lambert [mailto:lambert@lambertfam.org] Sent: Tuesday, August 12, 2003 6:11 PM To: Chris Odell Subject: Re: realpath(3) et al How many companies have 1000 FreeBSD machines? I'm going to guess it's less than 150, but I'd be happy to be wrong. I guess there *might* be 1000 companies which have 150 FreeBSD machines. Probably tens of thousands of companies with 15 FreeBSD machines. Good luck getting 1000 of them to donate $20. On Tue, Aug 12, 2003 at 08:15:41AM -0700, Chris Odell wrote: > > Corporations - INTERNET Companies... > > If you look at the big picture, having a O.S. that has been audited > for issues would actually be cost effective for them. Having to patch > a machine that is in service causes downtime. > > Lets see - > > Each machine takes ten (10) minutes of human work to drop into single > user mode and install new binaries/kernels > > The company has one thousand (1000) machines > > That comes to ten thousand (10000) minutes, broken down to hours - > 167 Hours > > The average admin say is making forty five (45) dollars a hour - > over $7000.00 - not including taxes paid by employer. > > So if one hundred fifty companies donated one thousand dollars > (1000) it would save them downtime, payroll, and taxes. > > Just a rough estimate and my 2 cents > > > Chris Odell > chris@redstarnetworks.net > > > -----Original Message----- > From: owner-freebsd-security@freebsd.org > [mailto:owner-freebsd-security@freebsd.org] On Behalf Of Devon H. > O'Dell > Sent: Tuesday, August 12, 2003 7:42 AM > To: 'Brooks Davis' > Cc: security@freebsd.org > Subject: RE: realpath(3) et al > > > Okay, so where do we begin with taking contributions? > > Devon > > > -----Oorspronkelijk bericht----- > > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > > security@freebsd.org] Namens Brooks Davis > > Verzonden: Tuesday, August 12, 2003 4:38 PM > > Aan: Devon H. O'Dell > > CC: security@freebsd.org > > Onderwerp: Re: realpath(3) et al > > > > On Tue, Aug 12, 2003 at 10:24:16AM +0200, Devon H. O'Dell wrote: > > > What sorts of security standards commissions are there, how much > > > does getting "standards certified" cost, and where should we start? > > > > I think the ballpark number I heard for a minimal certification > > under > > Common Criteria was $1.5m. > > > > -- Brooks > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" -- Scott Lambert KC5MLE Unix SysAdmin lambert@lambertfam.org From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 20:32:40 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AC0BD37B401 for ; Tue, 12 Aug 2003 20:32:40 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id BDA5B43F93 for ; Tue, 12 Aug 2003 20:32:39 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h7D3WFAL079049; Tue, 12 Aug 2003 23:32:15 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h7D3WFLa079046; Tue, 12 Aug 2003 23:32:15 -0400 (EDT) Date: Tue, 12 Aug 2003 23:32:14 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: twig les In-Reply-To: <20030812202822.28566.qmail@web10108.mail.yahoo.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2003 03:32:41 -0000 On Tue, 12 Aug 2003, twig les wrote: > I actually just asked about FreeBSD's status regarding Common Criteria > last week on -questions but no one knew; one guy answered that it would > be wasteful. Is this the cert on everyone's mind? It would be nice to > have this cert for the 5.x line but I understand that it is massively > expensive and the resources may be better spent on development. Has the > team discussed this? Evaluation to CC doesn't necessary mean improved security -- the lower evaluation levels (such as EAL3) are really about documentation and certification for particular uses, and don't involve any code auditing or implementation checking. Only at higher EAL levels will you see extensive evaluation of the implementation itself. An important part of higher EAL levels is product life cycle consideration, which will present a substantial challenge to the open source community. If you're not feature complete for a spec, you can also expect to spend a lot of time developing the missing features, which can be quite expensive :-). People are interested in evaluation, but generally what it takes to make evaluation happen is a large interested customer, an evaluation lab, and a substantial amount of developer involvement. FreeBSD has probably already gone through a number of security certifications as an integral part of a number of evaluated commercial products. The TrustedBSD Project has had as one of its goals providing feature compliance to CAPP, as well as providing supporting documentation, the goal being to support companies looking to evaluate FreeBSD-based products. My hope is that sometime relatively soon on the 5.x branch, we'll be feature-complete for CAPP, and largely feature-complete for LSPP. But I think this really needs to be driven by a consumer who wants the evaluation to happen -- evaluating without a consumer is of little value because of the cost of maintaining the evaluation over time. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-security@FreeBSD.ORG Tue Aug 12 20:35:54 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id AB12237B401 for ; Tue, 12 Aug 2003 20:35:54 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id BAC1143F93 for ; Tue, 12 Aug 2003 20:35:53 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h7D3ZTAL079541; Tue, 12 Aug 2003 23:35:29 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h7D3ZTLx079538; Tue, 12 Aug 2003 23:35:29 -0400 (EDT) Date: Tue, 12 Aug 2003 23:35:29 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: twig les In-Reply-To: Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2003 03:35:55 -0000 The real upshot of all this, btw, is that security evaluation against the CC and related specs will have very little relationship to closing bugs associated with realpath(), et al. A source code auditing effort, funded or otherwise, would still be extremely useful, but the goal would have to be a more pragmatic "fewer bugs", and not a certification "Grade A Security" :-). Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-security@FreeBSD.ORG Wed Aug 13 18:38:54 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 1217E37B401 for ; Wed, 13 Aug 2003 18:38:54 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 9C43643FBF for ; Wed, 13 Aug 2003 18:38:53 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 2B89315256; Wed, 13 Aug 2003 18:38:53 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 272AD1524D for ; Wed, 13 Aug 2003 18:38:53 -0700 (PDT) Date: Wed, 13 Aug 2003 18:38:53 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <002301c360ab$1ec6b940$9f8d2ed5@internal> Message-ID: <20030813183606.N4965@fubar.adept.org> References: <002301c360ab$1ec6b940$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 01:38:54 -0000 sorry to respond so late -- just got back from jury duty. On Tue, 12 Aug 2003, Devon H. O'Dell wrote: > I was reading an article on Slashdot recently about Linux just getting some > sort of security certification and asked the question "What about FreeBSD?" > I got the standard BSD trolls, but my comment was actually modded up to a 3, > Interesting, I believe. cool, that's definately one of the things i had in mind... > What sorts of security standards commissions are there, how much does > getting "standards certified" cost, and where should we start? i should have asked this precise question - thanks. > I'm all for getting a website up to give out information on what we're > trying to do and possibly collect donations, take comments, and set up > discussions. I do have the time, resources, space and FreeBSD box ;) to set > this up. i just registered codereview.org and it's hosted on a colocated FreeBSD box now... would anyone object to using the domain to coordinate our efforts? the only objection i see at present, is if the majority feel this should be hosted somewhere under freebsd.org so that is it highly visible. i'd actually envisioned turning the site into a community for coordinated review of any/all opensource projects. (and, hopefully, sharing any findings in one project with any other relevant projects as quickly as possible.) -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Wed Aug 13 18:42:23 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C611837B401 for ; Wed, 13 Aug 2003 18:42:23 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 64AC243FB1 for ; Wed, 13 Aug 2003 18:42:23 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 5ABA215256; Wed, 13 Aug 2003 18:42:23 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 569031524D for ; Wed, 13 Aug 2003 18:42:23 -0700 (PDT) Date: Wed, 13 Aug 2003 18:42:23 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <20030812111522.GA66788@cirb503493.alcatel.com.au> Message-ID: <20030813183936.C4965@fubar.adept.org> References: <20030812085617.GA407@FreeBSD.org> <003501c360b0$6dad9970$9f8d2ed5@internal> <20030812111522.GA66788@cirb503493.alcatel.com.au> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 01:42:24 -0000 On Tue, 12 Aug 2003, Peter Jeremy wrote: > >Features such as a protected stack should, IMO, be implemented as soon as > >possible to keep FreeBSD heads-afloat right now in the security sense.... > >OpenBSD has implemented this already and there are many patches for Linux to > >do the same... why don't we go ahead and shove some of this code into CVS? > By "protected" I presume you mean "non-executable". Whilst making the > stack non-executable is trivial, making the system still work isn't. > I believe the FreeBSD signal handling still relies on a signal > trampoline on the stack. Some ports also expect an executable stack > (most commonly lisp implementations). i'd also just like to add an aside that's probably obvious... yes we want security, but we really want to give people options too... these sorts of measures can have a performance impact. as such, i feel we should always give users the option of turning them off/on via some easy to find knob (make.conf/define, kernel, etc.). -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Wed Aug 13 18:44:13 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C212237B401 for ; Wed, 13 Aug 2003 18:44:13 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6AAD343FDD for ; Wed, 13 Aug 2003 18:44:13 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 6101C15256; Wed, 13 Aug 2003 18:44:13 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 602C11524D for ; Wed, 13 Aug 2003 18:44:13 -0700 (PDT) Date: Wed, 13 Aug 2003 18:44:13 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <004101c360c4$58689010$9f8d2ed5@internal> Message-ID: <20030813184303.A4965@fubar.adept.org> References: <004101c360c4$58689010$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 01:44:14 -0000 On Tue, 12 Aug 2003, Devon H. O'Dell wrote: > Sorry for not including this in the last message to the newsletter; isn't it > also then high time to fix up the signal handling in FreeBSD if this *is* > the case? probably... but unless you or i are ready to re-write that code, we can't point fingers (too loudly at least). we could at least get the needed change acknowledged and assigned, but that again points to our need for some means of coordination. (perhaps like the auditor's page, but updated and maintained.) -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Wed Aug 13 18:57:18 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 35D4537B401 for ; Wed, 13 Aug 2003 18:57:18 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id CBCE443FAF for ; Wed, 13 Aug 2003 18:57:17 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 7699A15256; Wed, 13 Aug 2003 18:57:17 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 75B5C1524D for ; Wed, 13 Aug 2003 18:57:17 -0700 (PDT) Date: Wed, 13 Aug 2003 18:57:17 -0700 (PDT) From: Mike Hoskins To: freebsd-security@freebsd.org In-Reply-To: <000b01c36139$0aa8f160$0b05a8c0@delllaptop> Message-ID: <20030813185437.V4965@fubar.adept.org> References: <000b01c36139$0aa8f160$0b05a8c0@delllaptop> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 01:57:18 -0000 On Tue, 12 Aug 2003, Chris Odell wrote: > Sometimes I wonder why im on this list.... I was just throwing hopefully because you care about fbsd and the security thereof... > People like this are a waste of bandwidth.... i feel the same thing sometimes... but as i get older, i realize we all seem like a waste of bandwidth at times. if possible, it's best to 'not say anything unless you have something good to say'. i'm not attacking or defending anyone here... just pointing out that we're all people with differing opinions... and none of us are 100% right... so working together is the only way to find the best solution. > I'm sure ill be banned after someone reads this with some sort of > authority, so for the people that actually have some sort of sense it > has been very educational/fun. let's hope not. i've stepped on plenty of toes (including jkh's back in the day) and have never been banned. i think that says something (good) about the maturity of our audience/admins. -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Wed Aug 13 19:08:17 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 487A837B401 for ; Wed, 13 Aug 2003 19:08:17 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id B72B343F75 for ; Wed, 13 Aug 2003 19:08:16 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 3110115256; Wed, 13 Aug 2003 19:08:16 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 2CE5E1524D for ; Wed, 13 Aug 2003 19:08:16 -0700 (PDT) Date: Wed, 13 Aug 2003 19:08:16 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: Message-ID: <20030813190151.X4965@fubar.adept.org> References: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 02:08:17 -0000 On Tue, 12 Aug 2003, Robert Watson wrote: > The real upshot of all this, btw, is that security evaluation against the > CC and related specs will have very little relationship to closing bugs > associated with realpath(), et al. A source code auditing effort, funded > or otherwise, would still be extremely useful, but the goal would have to > be a more pragmatic "fewer bugs", and not a certification "Grade A > Security" :-). firstly, i highly respect your opinions... based upon past correspondance and the work i've seen from you. i also agree with what you say here, in some sense. that is, we want fewer bugs more than certification X. however, while 'fewer bugs' is the better thing in the minds of most coders/admins... 'grade A security' is often the most prominent thing in the minds of the people with money... often the people who make the decissions. i.e. which OS gets installed on FBI and NSA computers. ;) lots of beuracracy there... so having 'certification X' could get fbsd in doors it would not otherwise be allowed to enter. that's not purely a security issue, but certianly one i'd like to consider as important. however, i fully agree this portion of the discussion can move to -advocacy. if we can agree on a given cert that's worthwhile (in some sense, like the one SuSe seems to have accquired)... who is the best person to make the case to -advocacy? i haven't been subscribed in awhile, but i guess it's time to re-subscribe. :) how hard would it be to get corporations involved? even without massive corporate support, if the issue is given enough visibility... i'd think getting smaller donations from a large number of people should not be impossible. (people do buy CDs, afterall...) -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Wed Aug 13 20:25:21 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2ED3E37B401 for ; Wed, 13 Aug 2003 20:25:21 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7EE8143F93 for ; Wed, 13 Aug 2003 20:25:20 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (localhost [127.0.0.1]) by fledge.watson.org (8.12.9/8.12.9) with ESMTP id h7E3OpAL087296; Wed, 13 Aug 2003 23:24:51 -0400 (EDT) (envelope-from robert@fledge.watson.org) Received: from localhost (robert@localhost)h7E3Op24087293; Wed, 13 Aug 2003 23:24:51 -0400 (EDT) Date: Wed, 13 Aug 2003 23:24:51 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Mike Hoskins In-Reply-To: <20030813190151.X4965@fubar.adept.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 03:25:21 -0000 On Wed, 13 Aug 2003, Mike Hoskins wrote: > i also agree with what you say here, in some sense. that is, we want > fewer bugs more than certification X. however, while 'fewer bugs' is > the better thing in the minds of most coders/admins... 'grade A > security' is often the most prominent thing in the minds of the people > with money... often the people who make the decissions. i.e. which OS > gets installed on FBI and NSA computers. ;) lots of beuracracy > there... so having 'certification X' could get fbsd in doors it would > not otherwise be allowed to enter. that's not purely a security issue, > but certianly one i'd like to consider as important. however, i fully > agree this portion of the discussion can move to -advocacy. > > if we can agree on a given cert that's worthwhile (in some sense, like > the one SuSe seems to have accquired)... who is the best person to make > the case to -advocacy? i haven't been subscribed in awhile, but i guess > it's time to re-subscribe. :) how hard would it be to get corporations > involved? even without massive corporate support, if the issue is given > enough visibility... i'd think getting smaller donations from a large > number of people should not be impossible. (people do buy CDs, > afterall...) SuSe has a low assurance (EAL2) evaluation against a custom-written evaluation criteria. I think a much better target would be a higher assurance level (EAL3) against a consumer-desired target (such as CAPP). Otherwise, it's really a press release, not an evaluation. As I mentioned before, if you want to get into the certification game, what you really want is an end-consumer in DoD (or wherever) willing to push for the evaluation of FreeBSD in their organization so that once you have it evaluated, you have someone who will use it, not to mention help you navigate the certification waters. I think smaller donations would be great, but I also think that the cost you're looking at for evaluation is probably in excess of what you'd be able to get together in small donations--to do CAPP at EAL3, I really can't imagine it costing less than 500k, which is a lot of small donations :-). The best way to get FreeBSD evaluated is to make the sell for FreeBSD in environments that require evaluation -- those places are probably capable of helping to foot an evaluation bill if they decide they want to run FreeBSD. So from an advocacy perspective, that means keeping research organizations building new technology on FreeBSD, helping defense contractors use FreeBSD to solve real-world problems, etc. I agree the certification has value, but it isn't equivilent to code review or secure development practices, at least a the lower assurance levels. I'd like to see FreeBSD receive certifications a great deal, and I'd like very much to help provide the technical pieces to make that possible. It's one of the important motivations for doing the TrustedBSD work: make sure that if an organization comes along wanting to evaluate FreeBSD, we've made it as easy for them as possible by providing the technical pieces they need. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories From owner-freebsd-security@FreeBSD.ORG Wed Aug 13 22:25:10 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5BA6437B401 for ; Wed, 13 Aug 2003 22:25:10 -0700 (PDT) Received: from lariat.org (lariat.org [63.229.157.2]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6C3C443FBD for ; Wed, 13 Aug 2003 22:25:09 -0700 (PDT) (envelope-from brett@lariat.org) Received: (from brett@localhost) by lariat.org (8.9.3/8.9.3) id XAA02934 for security@freebsd.org; Wed, 13 Aug 2003 23:25:04 -0600 (MDT) Date: Wed, 13 Aug 2003 23:25:04 -0600 (MDT) From: Brett Glass Message-Id: <200308140525.XAA02934@lariat.org> To: security@freebsd.org Subject: All "GNU" software potentially Trojaned X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 05:25:10 -0000 -----BEGIN PGP SIGNED MESSAGE----- CERT Advisory CA-2003-21 GNU Project FTP Server Compromise Original issue date: August 13, 2003 Last revised: -- Source: CERT/CC A complete revision history is at the end of this file. Overview The CERT/CC has received a report that the system housing the primary FTP servers for the GNU software project was compromised. I. Description The GNU Project, principally sponsored by the Free Software Foundation (FSF), produces a variety of freely available software. The CERT/CC has learned that the system housing the primary FTP servers for the GNU software project, gnuftp.gnu.org, was root compromised by an intruder. The more common host names of ftp.gnu.org and alpha.gnu.org are aliases for the same compromised system. The compromise is reported to have occurred in March of 2003. The FSF has released an announcement describing the incident. Because this system serves as a centralized archive of popular software, the insertion of malicious code into the distributed software is a serious threat. As the above announcement indicates, however, no source code distributions are believed to have been maliciously modified at this time. II. Impact The potential exists for an intruder to have inserted back doors, Trojan horses, or other malicious code into the source code distributions of software housed on the compromised system. III. Solution We encourage sites using the GNU software obtained from the compromised system to verify the integrity of their distribution. Sites that mirror the source code are encouraged to verify the integrity of their sources. We also encourage users to inspect any and all other software that may have been downloaded from the compromised site. Note that it is not always sufficient to rely on the timestamps or file sizes when trying to determine whether or not a copy of the file has been modified. Verifying checksums The FSF has produced PGP-signed lists of known-good MD5 hashes of the software packages housed on the compromised server. These lists can be found at ftp://ftp.gnu.org/before-2003-08-01.md5sums.asc ftp://alpha.gnu.org/before-2003-08-01.md5sums.asc Note that both of these files and the announcement above are signed by Bradley Kuhn, Executive Director of the FSF, with the following PGP key: pub 1024D/DB41B387 1999-12-09 Bradley M. Kuhn Key fingerprint = 4F40 645E 46BE 0131 48F9 92F6 E775 E324 DB41 B387 uid Bradley M. Kuhn (bkuhn99) uid Bradley M. Kuhn sub 2048g/75CA9CB3 1999-12-09 The CERT/CC believes this key to be valid. As a matter of good security practice, the CERT/CC encourages users to verify, whenever possible, the integrity of downloaded software. For more information, see IN-2001-06. Appendix A. - Vendor Information This appendix contains information provided by vendors for this advisory. As vendors report new information to the CERT/CC, we will update this section and note the changes in our revision history. If a particular vendor is not listed below, we have not received their comments. Free Software Foundation The current files on alpha.gnu.org and ftp.gnu.org as of 2003-08-02 have all been verified, and their md5sums and the reasons we believe the md5sums can be trusted are in: ftp://ftp.gnu.org/before-2003-08-01.md5sums.asc ftp://alpha.gnu.org/before-2003-08-01.md5sums.asc We are updating that file and the site as we confirm good md5sums of additional files. It is theoretically possible that downloads between March 2003 and July 2003 might have been source-compromised, so we encourage everyone to re-download sources and compare with the current copies for files on the site. Appendix B. References * FSF announcement regarding the incident - ftp://ftp.gnu.org/MISSING-FILES.README * CERT Incident Note IN-2001-06 - http://www.cert.org/incident_notes/IN-2001-06.html _________________________________________________________________ The CERT/CC thanks Bradley Kuhn and Brett Smith of the Free Software Foundation for their timely assistance in this matter. _________________________________________________________________ Feedback can be directed to the author: Chad Dougherty. ______________________________________________________________________ This document is available from: http://www.cert.org/advisories/CA-2003-21.html ______________________________________________________________________ CERT/CC Contact Information Email: cert@cert.org Phone: +1 412-268-7090 (24-hour hotline) Fax: +1 412-268-6989 Postal address: CERT Coordination Center Software Engineering Institute Carnegie Mellon University Pittsburgh PA 15213-3890 U.S.A. CERT/CC personnel answer the hotline 08:00-17:00 EST(GMT-5) / EDT(GMT-4) Monday through Friday; they are on call for emergencies during other hours, on U.S. holidays, and on weekends. Using encryption We strongly urge you to encrypt sensitive information sent by email. Our public PGP key is available from http://www.cert.org/CERT_PGP.key If you prefer to use DES, please call the CERT hotline for more information. Getting security information CERT publications and other security information are available from our web site http://www.cert.org/ To subscribe to the CERT mailing list for advisories and bulletins, send email to majordomo@cert.org. Please include in the body of your message subscribe cert-advisory * "CERT" and "CERT Coordination Center" are registered in the U.S. Patent and Trademark Office. ______________________________________________________________________ NO WARRANTY Any material furnished by Carnegie Mellon University and the Software Engineering Institute is furnished on an "as is" basis. Carnegie Mellon University makes no warranties of any kind, either expressed or implied as to any matter including, but not limited to, warranty of fitness for a particular purpose or merchantability, exclusivity or results obtained from use of the material. Carnegie Mellon University does not make any warranty of any kind with respect to freedom from patent, trademark, or copyright infringement. ______________________________________________________________________ Conditions for use, disclaimers, and sponsorship information Copyright 2002 Carnegie Mellon University. Revision History August 13, 2003: Initial release -----BEGIN PGP SIGNATURE----- Version: PGP 6.5.8 iQCVAwUBPzqwFWjtSoHZUTs5AQGN4AQAvL/u+S+FpkNWtBH/fe9DCLJQM21I/dzt QPU0prMxTq53ntvTOAth+yFPtbcbeDaWuLHakju0mL4OSU0Fp+VsXbXnF5ypE+0r S5mHpMxSmvPBPBNTIMQUGybEKK783P9Ty2lhXxawEW9JbdgMOY44clo2VIupgxuZ OeyQrFbsq54= =/72G -----END PGP SIGNATURE----- From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 00:35:54 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3F25637B401 for ; Thu, 14 Aug 2003 00:35:54 -0700 (PDT) Received: from tsunami.cyberdoom.org (ip212-226-145-17.adsl.eunet.fi [212.226.145.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 76B6743FBD for ; Thu, 14 Aug 2003 00:35:52 -0700 (PDT) (envelope-from dan.airinen@cyberdoom.org) Received: from daemon.cyberdoom.org (daemon.cyberdoom.org [212.226.145.19]) by tsunami.cyberdoom.org (Postfix) with ESMTP id E6E24188D19; Thu, 14 Aug 2003 10:35:45 +0300 (EEST) Received: from daemon.cyberdoom.org (daemon.cyberdoom.org [212.226.145.19]) by daemon.cyberdoom.org (8.12.9/8.12.9) with ESMTP id h7E7ZkxQ004608; Thu, 14 Aug 2003 10:35:46 +0300 (EEST) (envelope-from dan@cyberdoom.org) Date: Thu, 14 Aug 2003 10:35:46 +0300 (EEST) From: Dan Airinen To: Mike Hoskins In-Reply-To: <20030813190151.X4965@fubar.adept.org> Message-ID: <20030814102846.K4594-100000@daemon.cyberdoom.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 07:35:54 -0000 Should we do actual work first for the OS, and then consider getting the certification ?. The more actual work we do, the better we look (and feel ;)). I guess OpenBSD doesn't have any certification, but still goverments and company's uses them. Only my $0.20 On Wed, 13 Aug 2003, Mike Hoskins wrote: > On Tue, 12 Aug 2003, Robert Watson wrote: > > The real upshot of all this, btw, is that security evaluation against the > > CC and related specs will have very little relationship to closing bugs > > associated with realpath(), et al. A source code auditing effort, funded > > or otherwise, would still be extremely useful, but the goal would have to > > be a more pragmatic "fewer bugs", and not a certification "Grade A > > Security" :-). > > firstly, i highly respect your opinions... based upon past correspondance > and the work i've seen from you. > > i also agree with what you say here, in some sense. that is, we want > fewer bugs more than certification X. however, while 'fewer bugs' is the > better thing in the minds of most coders/admins... 'grade A security' is > often the most prominent thing in the minds of the people with money... > often the people who make the decissions. i.e. which OS gets installed on > FBI and NSA computers. ;) lots of beuracracy there... so having > 'certification X' could get fbsd in doors it would not otherwise be > allowed to enter. that's not purely a security issue, but certianly one > i'd like to consider as important. however, i fully agree this portion of > the discussion can move to -advocacy. > > if we can agree on a given cert that's worthwhile (in some sense, like the > one SuSe seems to have accquired)... who is the best person to make the > case to -advocacy? i haven't been subscribed in awhile, but i guess it's > time to re-subscribe. :) how hard would it be to get corporations > involved? even without massive corporate support, if the issue is given > enough visibility... i'd think getting smaller donations from a large > number of people should not be impossible. (people do buy CDs, > afterall...) > > -mrh > > -- > From: "Spam Catcher" > To: spam-catcher@adept.org > Do NOT send email to the address listed above or > you will be added to a blacklist! > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 02:14:32 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C888337B405 for ; Thu, 14 Aug 2003 02:14:32 -0700 (PDT) Received: from endor.vader.dk (213.237.74.156.adsl.sol.worldonline.dk [213.237.74.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 931BD43FB1 for ; Thu, 14 Aug 2003 02:14:31 -0700 (PDT) (envelope-from vader@endor.vader.dk) Received: from endor.vader.dk (localhost.vader.dk [127.0.0.1]) by endor.vader.dk (8.12.8p1/8.12.8) with ESMTP id h7E9E8Pa072742 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 14 Aug 2003 11:14:08 +0200 (CEST) (envelope-from vader@endor.vader.dk) Received: (from vader@localhost) by endor.vader.dk (8.12.8p1/8.12.8/Submit) id h7E9E8S1072741 for freebsd-security@freebsd.org; Thu, 14 Aug 2003 11:14:08 +0200 (CEST) Resent-Message-Id: <200308140914.h7E9E8S1072741@endor.vader.dk> Date: Thu, 14 Aug 2003 02:22:25 +0200 From: Chris Larsen To: freebsd-security@freebsd.org Message-ID: <20030814002225.GH436@endor.vader.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="a8sldprk+5E/pDEv" Content-Disposition: inline X-PGP-Fingerprint: F3 CA 1A 5B 68 19 17 97 D7 81 01 B6 01 62 CD CE Resent-From: vader@endor.vader.dk Resent-Date: Thu, 14 Aug 2003 11:14:08 +0200 Resent-To: freebsd-security@freebsd.org X-Scanned-By: MIMEDefang 2.36 X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: NOTICE: [CERT Advisory CA-2003-21 GNU Project FTP Server Compromise] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Chris Larsen List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 09:14:33 -0000 --a8sldprk+5E/pDEv Content-Type: multipart/mixed; boundary="Y+xroYBkGM9OatJL" Content-Disposition: inline --Y+xroYBkGM9OatJL Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi All As many may have noticed the GNU Project's FTP server had been compromised = as outlined in this CERT advisory[1]. I felt the urge to quickly hack together a small perl script to check my distfiles against the published md5 sums from FSF. Using this file as reference: ftp://ftp.gnu.org/before-2003-08-01.md5sums.a= sc (Check and Verify the PGP signature ![1]) [1] Full CERT advisory : http://www.cert.org/advisories/CA-2003-21.html -*-*-*- Attached is a gzipped perl program to check ports/distfiles GNU archives against the above file and indicate OK or WARNING status. This script is provided in hope that people may find it useful. PS: I know already now it has some shortcommings and is not fully regression tested, but it fullfilled my purposes. --=20 Chris Larsen "Make something idiot proof, and someone will invent a better idiot." --Y+xroYBkGM9OatJL-- --a8sldprk+5E/pDEv Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- iQEVAwUBPzrWQZrTOTwTeZOlAQGqzwgAiCf6RXza4b2rctY36uawZfnFizdr8aZW XPguYA/UNYfxv4UyYlsdkK8jAVV+xtPVy9XQiMgHJ1D6UzZ4tWM86mdFmdZUqts6 c4wp/Q1AYHXy7s8X0kTQmojrRCfKDYgH/QAXwZojwl0TgZRY0yGFSlLzOMDkG3HC uKxmrMwV2tgbSq4JVVbrCaxdDB4MK4iiT6XC5cncjMqwOpi8Lfqx3fy/lZmnbWqz rkIkANuMun9veMKg1CbQDYRhQcq4MCjNwVXI78Nr31XaLWUL6oABHLlu+wML75my rPSLW67EurHbMBPY6e2lO2go8ImH7VZjUiFHk/BP3NUH2YBFr8v/ig== =6R6J -----END PGP SIGNATURE----- --a8sldprk+5E/pDEv-- From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 02:38:20 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5BEB537B401 for ; Thu, 14 Aug 2003 02:38:20 -0700 (PDT) Received: from endor.vader.dk (213.237.74.156.adsl.sol.worldonline.dk [213.237.74.156]) by mx1.FreeBSD.org (Postfix) with ESMTP id 020C343F75 for ; Thu, 14 Aug 2003 02:38:17 -0700 (PDT) (envelope-from vader@endor.vader.dk) Received: from endor.vader.dk (localhost.vader.dk [127.0.0.1]) by endor.vader.dk (8.12.8p1/8.12.8) with ESMTP id h7E9brPa072907 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO) for ; Thu, 14 Aug 2003 11:37:53 +0200 (CEST) (envelope-from vader@endor.vader.dk) Received: (from vader@localhost) by endor.vader.dk (8.12.8p1/8.12.8/Submit) id h7E9brox072906 for freebsd-security@freebsd.org; Thu, 14 Aug 2003 11:37:53 +0200 (CEST) Date: Thu, 14 Aug 2003 11:37:52 +0200 From: Chris Larsen To: freebsd-security@freebsd.org Message-ID: <20030814093752.GK436@endor.vader.dk> References: <20030814002225.GH436@endor.vader.dk> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="FUFe+yI/t+r3nyH4" Content-Disposition: inline In-Reply-To: <20030814002225.GH436@endor.vader.dk> X-PGP-Fingerprint: F3 CA 1A 5B 68 19 17 97 D7 81 01 B6 01 62 CD CE X-Scanned-By: MIMEDefang 2.36 Subject: Re: NOTICE: [CERT Advisory CA-2003-21 GNU Project FTP Server Compromise] X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Chris Larsen List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 09:38:20 -0000 --FUFe+yI/t+r3nyH4 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable Hi All Sorry about this: 1) I could have told myself that sending the script as attachment would not make it through mailman Please find the script here : http://www.babel.dk/home/~vader/scripts/ 2) I just verified my signature locally (sent mail) against the one put on = the mailing list and there is a definitive mismatch. Probably due to mailman altering the mail, i hope the signature on this mail will be correct. Re. --=20 Chris Larsen "Make something idiot proof, and someone will invent a better idiot." --FUFe+yI/t+r3nyH4 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- iQEVAwUBPztYcJrTOTwTeZOlAQFNBAgAoe0RkveRBM57CraHo/KBv0p0J995Jiit rCIP4AF2H683ougr0/7oeJk0i6f7AO+ft/keTLYYhjEOWLkrdL28xNbPinjDcmUn vtSB7RE1DK3w6PJaVjzk7Jg0tTQfP9bJvCnCY6lQfqK0FKyjxXlsamXnJ87X7i0N JGzcBfPOmBV4WupnK1eDmi3AkVluBi9sv2pnrYshvaR+HUnSLS0vOQU4C1cMK7hi 4KNoT0C2z3yepsjwJS+kaKW0YkrqU85mcjzi49yX+VUGL3RlfWALRR/EHe/t2iLF 1Px9gDyarvuTzfBjDljuGMiZ9KTBYBjveZ9Ylxk1L1SoJ+eehb+wtw== =hpSm -----END PGP SIGNATURE----- --FUFe+yI/t+r3nyH4-- From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 11:38:26 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CE4FE37B401 for ; Thu, 14 Aug 2003 11:38:26 -0700 (PDT) Received: from sccrmhc11.comcast.net (sccrmhc11.comcast.net [204.127.202.55]) by mx1.FreeBSD.org (Postfix) with ESMTP id BEAC243F93 for ; Thu, 14 Aug 2003 11:38:25 -0700 (PDT) (envelope-from mike@zero.nolaf.net) Received: from zero.nolaf.net (nolaf.net[68.82.90.123]) by comcast.net (sccrmhc11) with ESMTP id <2003081418382401100q2ghqe>; Thu, 14 Aug 2003 18:38:24 +0000 Received: by zero.nolaf.net (Postfix, from userid 1000) id 56439388; Thu, 14 Aug 2003 14:38:24 -0400 (EDT) Date: Thu, 14 Aug 2003 14:38:24 -0400 From: Michael McDowell To: security@freebsd.org Message-ID: <20030814183824.GA29697@nolaf.net> Mail-Followup-To: security@freebsd.org References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> <20030811162602.N72549@fubar.adept.org> <20030812085617.GA407@FreeBSD.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030812085617.GA407@FreeBSD.org> User-Agent: Mutt/1.4.1i X-GPG-Fingerprint: 8CA7 DF3C 5CE5 180D DC59 0A1A 06D2 7D87 285A 6470 X-GPG-Key: http://www.nolaf.net/public_key.txt Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 18:38:27 -0000 I agree with the OpenBSD suggestion, it would be a real time saver. On Tue, Aug 12, 2003 at 10:56:18AM +0200, Simon L. Nielsen wrote: > On 2003.08.11 16:34:40 -0700, Mike Hoskins wrote: > > > Wasn't there a page (maybe there still is...) showing sections of the base > > system as 'assigned' to certain individuals, with contact info listed? I > > think it was pretty stale for awhile, but maybe something similar could be > > revived and maintained. If it already is, great! > > There is http://www.freebsd.org/auditors.html but it hasn't been updated for > a very long time. > > BTW, if anybody really wants to start up the audit project again, I > think somebody should take a look at integrating some of the changes > OpenBSD has made. No reason to spend time finding the bugs OpenBSD has > already fixed. > > -- > Simon L. Nielsen > FreeBSD Documentation Team From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 11:52:01 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9902B37B404 for ; Thu, 14 Aug 2003 11:52:01 -0700 (PDT) Received: from smtp4.server.rpi.edu (smtp4.server.rpi.edu [128.113.2.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 7957143F93 for ; Thu, 14 Aug 2003 11:52:00 -0700 (PDT) (envelope-from drosih@rpi.edu) Received: from [128.113.24.47] (gilead.netel.rpi.edu [128.113.24.47]) by smtp4.server.rpi.edu (8.12.9/8.12.9) with ESMTP id h7EIpwgl001268; Thu, 14 Aug 2003 14:51:58 -0400 Mime-Version: 1.0 X-Sender: drosih@mail.rpi.edu Message-Id: In-Reply-To: <20030814183824.GA29697@nolaf.net> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> <20030811162602.N72549@fubar.adept.org> <20030812085617.GA407@FreeBSD.org> <20030814183824.GA29697@nolaf.net> Date: Thu, 14 Aug 2003 14:51:57 -0400 To: Michael McDowell , security@freebsd.org From: Garance A Drosihn Content-Type: text/plain; charset="us-ascii" ; format="flowed" X-Scanned-By: CanIt (www . canit . ca) Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 18:52:02 -0000 At 2:38 PM -0400 8/14/03, Michael McDowell wrote: > >On Tue, Aug 12, 2003 at 10:56:18AM +0200, Simon L. Nielsen wrote: >> > > BTW, if anybody really wants to start up the audit project > > again, I think somebody should take a look at integrating > > some of the changes OpenBSD has made. No reason to spend > > time finding the bugs OpenBSD has already fixed. > >I agree with the OpenBSD suggestion, it would be a real time >saver. Speaking as someone who actually looks at NetBSD and OpenBSD sources, this is often much easier said than done. There are a number of source files which have diverged so much over the years that it can chew up an awful lot of time to try to separate the "simple bug fixes" from new features, or various code-rearrangements. As I say, I *do* try to do this, so I certainly do think it is worth doing. However, it is not necessarily "a real time saver". -- Garance Alistair Drosehn = gad@gilead.netel.rpi.edu Senior Systems Programmer or gad@freebsd.org Rensselaer Polytechnic Institute or drosih@rpi.edu From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 12:13:20 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id A7D1D37B405 for ; Thu, 14 Aug 2003 12:13:20 -0700 (PDT) Received: from web10101.mail.yahoo.com (web10101.mail.yahoo.com [216.136.130.51]) by mx1.FreeBSD.org (Postfix) with SMTP id 411D243F85 for ; Thu, 14 Aug 2003 12:13:19 -0700 (PDT) (envelope-from twigles@yahoo.com) Message-ID: <20030814191319.27694.qmail@web10101.mail.yahoo.com> Received: from [68.5.49.41] by web10101.mail.yahoo.com via HTTP; Thu, 14 Aug 2003 12:13:19 PDT Date: Thu, 14 Aug 2003 12:13:19 -0700 (PDT) From: twig les To: Robert Watson , Mike Hoskins In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii cc: freebsd-advocacy@freebsd.org cc: security@freebsd.org Subject: Re: Certification (was RE: realpath(3) et al) - jumping to -advocacy X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 19:13:21 -0000 I am CC'ing -advocacy on this so we can officially move this thread over (bc getting chastised hurts my inner-child). Please don't CC -security anymore, although I am in no position whatsoever to enforce this request. Now, to the topic... I have the distinct pleasure of working at a huge telco so I have a pretty good sense of what big business wants in computing, which is: big-name company, commercial, supported, reliable software/hardware with "canned" interoperability with other like hardware/software. So what would really push FreeBSD in the eyes of my non-tech bosses (legion, for there are many) are things like: RSA Ace server natively, which I believe the library exists, it just costs $2000 or so, so this one might be BS. A large company that has a roll-out hardware/software package. This includes support. I *know* that it is easy to patch/make world, but the number of "computer engineers" that have never heard of SSH is astounding. Management needs a 3rd-party to bitch about and know will still be around in 5 years. A console port on the hardware platform. Have you ever tried sending management to the pcweasel web site? As silly as it sounds (and I understand how silly it sounds), a certification like the Red Hack one would help. I apologize profusely for saying that. I'm sure I'm missing a lot but if we want a corporate sponsor like my massive mother company (which rhymes with AT&C) then it seems like we need different medium companies pushing FreeBSD instead of redhat as a packaged solution. --- Robert Watson wrote: > > On Wed, 13 Aug 2003, Mike Hoskins wrote: > > > i also agree with what you say here, in some sense. that > is, we want > > fewer bugs more than certification X. however, while 'fewer > bugs' is > > the better thing in the minds of most coders/admins... > 'grade A > > security' is often the most prominent thing in the minds of > the people > > with money... often the people who make the decissions. > i.e. which OS > > gets installed on FBI and NSA computers. ;) lots of > beuracracy > > there... so having 'certification X' could get fbsd in > doors it would > > not otherwise be allowed to enter. that's not purely a > security issue, > > but certianly one i'd like to consider as important. > however, i fully > > agree this portion of the discussion can move to -advocacy. > > > > if we can agree on a given cert that's worthwhile (in some > sense, like > > the one SuSe seems to have accquired)... who is the best > person to make > > the case to -advocacy? i haven't been subscribed in awhile, > but i guess > > it's time to re-subscribe. :) how hard would it be to get > corporations > > involved? even without massive corporate support, if the > issue is given > > enough visibility... i'd think getting smaller donations > from a large > > number of people should not be impossible. (people do buy > CDs, > > afterall...) > > SuSe has a low assurance (EAL2) evaluation against a > custom-written > evaluation criteria. I think a much better target would be a > higher > assurance level (EAL3) against a consumer-desired target (such > as CAPP). > Otherwise, it's really a press release, not an evaluation. As > I mentioned > before, if you want to get into the certification game, what > you really > want is an end-consumer in DoD (or wherever) willing to push > for the > evaluation of FreeBSD in their organization so that once you > have it > evaluated, you have someone who will use it, not to mention > help you > navigate the certification waters. I think smaller donations > would be > great, but I also think that the cost you're looking at for > evaluation is > probably in excess of what you'd be able to get together in > small > donations--to do CAPP at EAL3, I really can't imagine it > costing less than > 500k, which is a lot of small donations :-). > > The best way to get FreeBSD evaluated is to make the sell for > FreeBSD in > environments that require evaluation -- those places are > probably capable > of helping to foot an evaluation bill if they decide they want > to run > FreeBSD. So from an advocacy perspective, that means keeping > research > organizations building new technology on FreeBSD, helping > defense > contractors use FreeBSD to solve real-world problems, etc. > > I agree the certification has value, but it isn't equivilent > to code > review or secure development practices, at least a the lower > assurance > levels. I'd like to see FreeBSD receive certifications a > great deal, and > I'd like very much to help provide the technical pieces to > make that > possible. It's one of the important motivations for doing the > TrustedBSD > work: make sure that if an organization comes along wanting to > evaluate > FreeBSD, we've made it as easy for them as possible by > providing the > technical pieces they need. > > Robert N M Watson FreeBSD Core Team, TrustedBSD > Projects > robert@fledge.watson.org Network Associates Laboratories > > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" ===== ----------------------------------------------------------- Emo is what happens when the glee club goes punk. ----------------------------------------------------------- __________________________________ Do you Yahoo!? Yahoo! SiteBuilder - Free, easy-to-use web site design software http://sitebuilder.yahoo.com From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 13:22:13 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D175437B401 for ; Thu, 14 Aug 2003 13:22:13 -0700 (PDT) Received: from hysteria.spc.org (hysteria.spc.org [195.206.69.234]) by mx1.FreeBSD.org (Postfix) with SMTP id B064C43FB1 for ; Thu, 14 Aug 2003 13:22:12 -0700 (PDT) (envelope-from bms@hysteria.spc.org) Received: (qmail 30667 invoked by uid 5013); 14 Aug 2003 20:19:23 -0000 Date: Thu, 14 Aug 2003 21:19:23 +0100 From: Bruce M Simpson To: Mike Hoskins Message-ID: <20030814201923.GB21219@spc.org> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> <20030812085617.GA407@FreeBSD.org> <20030812180122.C96000@fubar.adept.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20030812180122.C96000@fubar.adept.org> User-Agent: Mutt/1.4.1i Organization: SPC cc: security@freebsd.org Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 20:22:14 -0000 On Tue, Aug 12, 2003 at 06:06:32PM -0700, Mike Hoskins wrote: > *sigh* i'd hoped the project was 'always' ongoing, and that sharing > and/or integrating changes amongst the various BSD source trees would be > commonplace. the fact that it's not clearly illustrates that our biggest > enemey in the security game is ourselves. (by 'selves' i mean anyone who > feels not sharing a security or bug fix is a good idea.) I think it would rock if we had more people cross-pollinating the BSDs in general. Security fixes are no exception. I am thinking in particular of the non-executable stack stuff in OpenBSD. BMS From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 13:33:24 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5CE2837B404 for ; Thu, 14 Aug 2003 13:33:24 -0700 (PDT) Received: from amsfep15-int.chello.nl (amsfep15-int.chello.nl [213.46.243.28]) by mx1.FreeBSD.org (Postfix) with ESMTP id 016DD43FE5 for ; Thu, 14 Aug 2003 13:33:23 -0700 (PDT) (envelope-from dodell@sitetronics.com) Received: from internal ([213.46.141.159]) by amsfep15-int.chello.nl (InterMail vM.5.01.05.17 201-253-122-126-117-20021021) with ESMTP id <20030814203321.CVMA23618.amsfep15-int.chello.nl@internal>; Thu, 14 Aug 2003 22:33:21 +0200 From: "Devon H. O'Dell" To: "'Bruce M Simpson'" , "'Mike Hoskins'" Date: Thu, 14 Aug 2003 22:33:12 +0200 Organization: SiteTronics Message-ID: <000301c362a3$4af46db0$9f8d2ed5@internal> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: quoted-printable X-Priority: 3 (Normal) X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook, Build 10.0.4510 In-Reply-To: <20030814201923.GB21219@spc.org> X-MIMEOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Importance: Normal cc: security@freebsd.org Subject: RE: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 20:33:25 -0000 This is something that I brought up at the beginning of this thread. = There were several reasons why it was not/is not implemented. The final = outcome (as far as I can tell) is that I'm creating and maintaining some ports implementing IBM's SSP patches for GCC 3.3 and GCC 2.9.5. --Devon > -----Oorspronkelijk bericht----- > Van: owner-freebsd-security@freebsd.org [mailto:owner-freebsd- > security@freebsd.org] Namens Bruce M Simpson > Verzonden: Thursday, August 14, 2003 10:19 PM > Aan: Mike Hoskins > CC: security@freebsd.org > Onderwerp: Re: realpath(3) et al >=20 > On Tue, Aug 12, 2003 at 06:06:32PM -0700, Mike Hoskins wrote: > > *sigh* i'd hoped the project was 'always' ongoing, and that sharing > > and/or integrating changes amongst the various BSD source trees = would be > > commonplace. the fact that it's not clearly illustrates that our > biggest > > enemey in the security game is ourselves. (by 'selves' i mean = anyone > who > > feels not sharing a security or bug fix is a good idea.) >=20 > I think it would rock if we had more people cross-pollinating the BSDs = in > general. Security fixes are no exception. I am thinking in particular = of > the non-executable stack stuff in OpenBSD. >=20 > BMS > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security- > unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 13:51:30 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5AB6537B401 for ; Thu, 14 Aug 2003 13:51:30 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id E210643F93 for ; Thu, 14 Aug 2003 13:51:29 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id DB49715256; Thu, 14 Aug 2003 13:51:29 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id DA73E1524D for ; Thu, 14 Aug 2003 13:51:29 -0700 (PDT) Date: Thu, 14 Aug 2003 13:51:29 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <20030814102846.K4594-100000@daemon.cyberdoom.org> Message-ID: <20030814135009.L19401@fubar.adept.org> References: <20030814102846.K4594-100000@daemon.cyberdoom.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 20:51:30 -0000 On Thu, 14 Aug 2003, Dan Airinen wrote: > Should we do actual work first for the OS, and then consider getting the > certification ?. certainly, and we're already doing work... :) > The more actual work we do, the better we look (and feel ;)). agreed. > I guess OpenBSD doesn't have any certification, but still goverments and > company's uses them. no, but they've had a lot of '3rd-party' (read, i believe, network associates) review that we haven't. (that's mentioned on their website.) -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 14:06:59 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9B4A137B401 for ; Thu, 14 Aug 2003 14:06:59 -0700 (PDT) Received: from fubar.adept.org (fubar.adept.org [63.147.172.249]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3421B43FD7 for ; Thu, 14 Aug 2003 14:06:59 -0700 (PDT) (envelope-from mike@adept.org) Received: by fubar.adept.org (Postfix, from userid 1001) id 2DCA815256; Thu, 14 Aug 2003 14:06:59 -0700 (PDT) Received: from localhost (localhost [127.0.0.1]) by fubar.adept.org (Postfix) with ESMTP id 2CF071524D for ; Thu, 14 Aug 2003 14:06:59 -0700 (PDT) Date: Thu, 14 Aug 2003 14:06:59 -0700 (PDT) From: Mike Hoskins To: security@freebsd.org In-Reply-To: <20030814201923.GB21219@spc.org> Message-ID: <20030814140550.K19401@fubar.adept.org> References: <20030811133749.U27196@fubar.adept.org> <20030811232132.GB46629@madman.celabo.org> <20030812180122.C96000@fubar.adept.org> <20030814201923.GB21219@spc.org> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Subject: Re: realpath(3) et al X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 21:06:59 -0000 On Thu, 14 Aug 2003, Bruce M Simpson wrote: > I think it would rock if we had more people cross-pollinating the BSDs in > general. Security fixes are no exception. I am thinking in particular of > the non-executable stack stuff in OpenBSD. i agree... that's one of the main ideas behind the codereview.org site, now to make it a real site. ;) getting information shared in a timely manner sounds like a worthy cause. obviously it's not as easy as it sounds in a largly distributed, volunteer project. :) -mrh -- From: "Spam Catcher" To: spam-catcher@adept.org Do NOT send email to the address listed above or you will be added to a blacklist! From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 14:09:31 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 15F6337B401 for ; Thu, 14 Aug 2003 14:09:31 -0700 (PDT) Received: from mail.cta.ro (mail.cta.ro [217.156.120.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6857A43F85 for ; Thu, 14 Aug 2003 14:09:26 -0700 (PDT) (envelope-from daniel@guitar.ro) Received: from yyy ([217.73.166.72]) by mail.cta.ro (8.11.6/8.11.6) with SMTP id h7ELNLT04465 for ; Fri, 15 Aug 2003 00:23:22 +0300 MIME-Version: 1.0 Message-Id: <3F3BFA84.000001.01920@yyy> Date: Fri, 15 Aug 2003 00:09:24 +0300 (E. Europe Daylight Time) Content-Type: Multipart/related; type="multipart/alternative"; boundary="------------Boundary-00=_O3OMQL80000000000000" X-Mailer: IncrediMail 2001 (1850924) From: "daniel@guitar.ro" References: <20030814135009.L19401@fubar.adept.org> X-FID: BA285063-5BCE-11D4-AF8D-0050DAC67E11 X-FVER: X-FIT: X-FCOL: X-FCAT: X-FDIS: X-BG: <0F899287-5D95-4371-BFF3-B8EC4CF319F7> X-BGT: repeat X-BGC: #eff3f7 X-BGPX: left X-BGPY: 0px X-ASN: ANIM3D00-NONE-0000-0000-000000000000 X-ASNF: 0 X-ASH: ANIM3D00-NONE-0000-0000-000000000000 X-ASHF: 1 X-AN: 6486DDE0-3EFD-11D4-BA3D-0050DAC68030 X-ANF: 0 X-AP: 6486DDE0-3EFD-11D4-BA3D-0050DAC68030 X-APF: 1 X-AD: C3C52140-4147-11D4-BA3D-0050DAC68030 X-ADF: 0 X-AUTO: X-ASN,X-ASH,X-AN,X-AP,X-AD X-CNT: ; X-Priority: 3 To: X-Content-Filtered-By: Mailman/MimeDel 2.1.1 Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 14 Aug 2003 21:09:31 -0000 --------------Boundary-00=_O3OMQL80000000000000 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable OpenBSD, throwing my second cpu to /dev/null ?=0D =0D dan=0D =0D -------Original Message-------=0D =0D From: Mike Hoskins=0D Date: Thursday, August 14, 2003 11:53:45 PM=0D To: security@freebsd.org=0D Subject: Re: Certification (was RE: realpath(3) et al)=0D =0D On Thu, 14 Aug 2003, Dan Airinen wrote:=0D > Should we do actual work first for the OS, and then consider getting th= e=0D > certification ?.=0D =0D certainly, and we're already doing work... :)=0D =0D > The more actual work we do, the better we look (and feel ;)).=0D =0D agreed.=0D =0D > I guess OpenBSD doesn't have any certification, but still goverments an= d=0D > company's uses them.=0D =0D no, but they've had a lot of '3rd-party' (read, i believe, network=0D associates) review that we haven't. (that's mentioned on their website.)=0D =0D -mrh=0D =0D --=0D From: "Spam Catcher" =0D To: spam-catcher@adept.org=0D Do NOT send email to the address listed above or=0D you will be added to a blacklist!=0D _______________________________________________=0D freebsd-security@freebsd.org mailing list=0D http://lists.freebsd.org/mailman/listinfo/freebsd-security=0D To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.or= g"=0D =2E=20 --------------Boundary-00=_O3OMQL80000000000000-- From owner-freebsd-security@FreeBSD.ORG Thu Aug 14 23:02:21 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id B150137B401 for ; Thu, 14 Aug 2003 23:02:21 -0700 (PDT) Received: from ipb.redline.ru (ipb.redline.ru [217.144.98.242]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6101A43FAF for ; Thu, 14 Aug 2003 23:02:20 -0700 (PDT) (envelope-from zakharov@ipb.redline.ru) Received: from starfall ([192.232.12.98]) by ipb.redline.ru (8.12.9/8.12.9) with SMTP id h7F62HoQ001648 for ; Fri, 15 Aug 2003 10:02:17 +0400 (MSD) (envelope-from zakharov@ipb.redline.ru) Message-ID: <012901c362f2$3108e4e0$620ce8c0@tv.interprom.msk.su> From: "Mikhail E. Zakharov" To: Date: Fri, 15 Aug 2003 09:58:03 +0400 MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: 7bit X-Priority: 3 X-MSMail-Priority: Normal X-Mailer: Microsoft Outlook Express 6.00.2800.1158 X-MimeOLE: Produced By Microsoft MimeOLE V6.00.2800.1165 Subject: chkrootkit reports INFECTED :( X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: "Mikhail E. Zakharov" List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Aug 2003 06:02:22 -0000 Hi! Running chkrootkit on newly installed FreeBSD 5.0 got: -cut- Checking `basename'... not infected Checking `biff'... not infected Checking `chfn'... INFECTED Checking `chsh'... INFECTED Checking `cron'... not infected Checking `date'... INFECTED -cut- Checking `ls'... INFECTED -cut- Checking `ps'... INFECTED Checking `pstree'... not found -cut- What does it mean? Is my system really hacked? From owner-freebsd-security@FreeBSD.ORG Fri Aug 15 04:02:37 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id F13A837B401 for ; Fri, 15 Aug 2003 04:02:37 -0700 (PDT) Received: from thevoid.delnoch.net (thevoid.delnoch.net [66.93.83.238]) by mx1.FreeBSD.org (Postfix) with ESMTP id 67EFB43F75 for ; Fri, 15 Aug 2003 04:02:37 -0700 (PDT) (envelope-from jeffi@rcn.com) Received: by thevoid.delnoch.net (Postfix, from userid 1000) id 9B96A39ABA; Fri, 15 Aug 2003 07:02:36 -0400 (EDT) Date: Fri, 15 Aug 2003 07:02:36 -0400 From: Jeff To: "Mikhail E. Zakharov" Message-ID: <20030815110236.GA4111@rcn.com> References: <012901c362f2$3108e4e0$620ce8c0@tv.interprom.msk.su> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <012901c362f2$3108e4e0$620ce8c0@tv.interprom.msk.su> User-Agent: Mutt/1.4.1i cc: freebsd-security@freebsd.org Subject: Re: chkrootkit reports INFECTED :( X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Aug 2003 11:02:38 -0000 > Hi! > Running chkrootkit on newly installed FreeBSD 5.0 got: > > Checking `chfn'... INFECTED > Checking `chsh'... INFECTED > Checking `date'... INFECTED > Checking `ls'... INFECTED > Checking `ps'... INFECTED > -cut- > > What does it mean? Is my system really hacked? Please search the archives before posting, this is an FAQ http://marc.theaimsgroup.com/?l=freebsd-security&m=105024349011494&w=2 Jeff From owner-freebsd-security@FreeBSD.ORG Fri Aug 15 04:15:57 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0C53D37B408 for ; Fri, 15 Aug 2003 04:15:55 -0700 (PDT) Received: from sccrmhc12.comcast.net (sccrmhc12.comcast.net [204.127.202.56]) by mx1.FreeBSD.org (Postfix) with ESMTP id E626443FDF for ; Fri, 15 Aug 2003 04:15:53 -0700 (PDT) (envelope-from rootman22@comcast.net) Received: from 12-209-185-111.client.attbi.com ([12.209.185.111]) by comcast.net (sccrmhc12) with SMTP id <200308151115520120032g2ee>; Fri, 15 Aug 2003 11:15:53 +0000 From: Joe Warner To: "Mikhail E. Zakharov" , Date: Fri, 15 Aug 2003 05:16:20 -0600 User-Agent: KMail/1.5.2 References: <012901c362f2$3108e4e0$620ce8c0@tv.interprom.msk.su> In-Reply-To: <012901c362f2$3108e4e0$620ce8c0@tv.interprom.msk.su> MIME-Version: 1.0 Content-Type: text/plain; charset="koi8-r" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200308150516.20309.rootman22@comcast.net> Subject: Re: chkrootkit reports INFECTED :( X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Aug 2003 11:15:57 -0000 On Thursday 14 August 2003 11:58 pm, Mikhail E. Zakharov wrote: > Hi! > Running chkrootkit on newly installed FreeBSD 5.0 got: > > -cut- > Checking `basename'... not infected > Checking `biff'... not infected > Checking `chfn'... INFECTED > Checking `chsh'... INFECTED > Checking `cron'... not infected > Checking `date'... INFECTED > -cut- > Checking `ls'... INFECTED > -cut- > Checking `ps'... INFECTED > Checking `pstree'... not found > -cut- > > What does it mean? Is my system really hacked? No, that happened to me too on one of my FreeBSD 5.1 -RELEASE systems so I sent an email to Nelson Murilo and he responded saying the current version of chkrootkit doesn't work on systems running FreeBSD 5.x yet. =46rom http://www.chkrootkit.org: chkrootkit has been tested on: Linux 2.0.x, 2.2.x and 2.4.x, FreeBSD 2.2.x,= =20 3.x and 4.x, OpenBSD 2.6, 2.7, 2.8, 2.9, 3.0, 3.1 3.2 and 3.3, NetBSD 1.5.2= ,=20 Solaris 2.5.1, 2.6 and 8.0, HP-UX 11 and True64. Regards, Joe > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.or= g" From owner-freebsd-security@FreeBSD.ORG Fri Aug 15 07:17:47 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5FD0E37B401 for ; Fri, 15 Aug 2003 07:17:47 -0700 (PDT) Received: from mail.liwing.de (mail.liwing.de [213.70.188.162]) by mx1.FreeBSD.org (Postfix) with ESMTP id E89B843FDD for ; Fri, 15 Aug 2003 07:17:45 -0700 (PDT) (envelope-from rehsack@liwing.de) Received: (qmail 15453 invoked from network); 15 Aug 2003 14:17:11 -0000 Received: from stingray.liwing.de (HELO liwing.de) ([213.70.188.164]) (envelope-sender ) by mail.liwing.de (qmail-ldap-1.03) with SMTP for ; 15 Aug 2003 14:17:11 -0000 Message-ID: <3F3CEB66.20800@liwing.de> Date: Fri, 15 Aug 2003 16:17:10 +0200 From: Jens Rehsack Organization: LiWing IT-Services User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.0; en-US; rv:1.4) Gecko/20030624 Netscape/7.1 (ax) X-Accept-Language: de-de, de, en-us, en MIME-Version: 1.0 To: "Scot W. Hetzel" References: <3F26AA16.5030007@liwing.de> <20030729172122.GA5005@kokeb.ambesa.net><3F26BC7B.8070507@liwing.de> <20030801232918.GA37095@kokeb.ambesa.net><3F2D1800.5020006@liwing.de> <20030803230410.GA16947@kokeb.ambesa.net> <008901c36278$3d4a8f80$13fd2fd8@Admin02> In-Reply-To: <008901c36278$3d4a8f80$13fd2fd8@Admin02> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: Clement Laforet cc: FreeBSD-Security List cc: Robert Watson cc: FreeBSD-Current List cc: Mike Makonnen Subject: Re: [PATCH] jail NG schript patch for mounting devfs and procfsautomatically X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Aug 2003 14:17:47 -0000 On 14.08.2003 15:36, Scot W. Hetzel wrote: > I just noticed a problem with periodic scripts inside a jail. I'm getting: > > Local system status: > tee: /dev/stderr: Operation not supported > > Mail in local queue: > tee: /dev/stderr: Operation not supported > > Mail in submit queue: > tee: /dev/stderr: Operation not supported > > in the periodic daily, weekly, monthly and security reports. But if I mount > the fdescfs on the jail, then these errors go away. > > So we need to add the following to the new jail script > > jail_start() > { > : > eval jail_devfs=\"\$jail_${_jail}_devfs\" > [ -z ${jail_devfs} ] && jail_devfs="NO": > > eval jail_fdescfs=\"\$jail_${_jail}_fdescfs\" > [ -z ${jail_fdescfs} ] && jail_fdescfs="NO" > : > if checkyesno jail_devfs ; then > mount -t devfs dev ${jail_devdir} > if checkyesno jail_fdescfs ; then > mount -t fdescfs fdesc ${jail_devdir}/fd > fi > : > fi > : > } > > jail_stop() > { > : > eval jail_devfs=\"\$jail_${_jail}_devfs\" > [ -z ${jail_devfs} ] && jail_devfs="NO": > > eval jail_fdescfs=\"\$jail_${_jail}_fdescfs\" > [ -z ${jail_fdescfs} ] && jail_fdescfs="NO" > : > if checkyesno jail_devfs ; then > if [ -d ${jail_devdir} ] ; then > if checkyesno jail_fdescfs; then > umount -f ${jail_devdir}/fd >/dev/null 2>&1 > fi > umount -f ${jail_devdir} >/dev/null 2>&1 > fi > fi > : > } > > The only decsion we need to make is wheter to always mount the fdescfs when > devfs is mounted on the jail, or have a variable to enable mounting of the > fdescfs (jail_*_fdescfs). > > Scot I don't run periodics in jails, because they are not allowed to mail out :-) But I wouldn't really care having fdescfs mounted every time as security problem, so I would decide to mount it ever (or defaultly). If someone cares, addition of jail_example_mount_fdescfs is recommented. I add a CC to security@, because of there may be one or other who has an important comment. Best, Jens From owner-freebsd-security@FreeBSD.ORG Fri Aug 15 07:47:38 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 0962B37B404 for ; Fri, 15 Aug 2003 07:47:38 -0700 (PDT) Received: from zimbo.cs.wm.edu (zimbo.cs.wm.edu [128.239.2.64]) by mx1.FreeBSD.org (Postfix) with ESMTP id EA8F443FD7 for ; Fri, 15 Aug 2003 07:47:36 -0700 (PDT) (envelope-from zvezdan@corona.cs.wm.edu) Received: from corona.cs.wm.edu (corona [128.239.2.50]) by zimbo.cs.wm.edu (8.12.8/8.12.8) with ESMTP id h7FElapZ028971 for ; Fri, 15 Aug 2003 10:47:36 -0400 Received: (from zvezdan@localhost) by corona.cs.wm.edu (8.12.8/8.12.8/Submit) id h7FElaSW009219 for security@freebsd.org; Fri, 15 Aug 2003 10:47:36 -0400 Date: Fri, 15 Aug 2003 10:47:36 -0400 From: Zvezdan Petkovic To: security@freebsd.org Message-ID: <20030815144736.GA9209@corona.cs.wm.edu> Mail-Followup-To: security@freebsd.org References: <20030814135009.L19401@fubar.adept.org> <3F3BFA84.000001.01920@yyy> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <3F3BFA84.000001.01920@yyy> User-Agent: Mutt/1.4.1i Subject: Re: Certification (was RE: realpath(3) et al) X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 15 Aug 2003 14:47:38 -0000 On Fri, Aug 15, 2003 at 12:09:24AM +0300, daniel@guitar.ro wrote: > OpenBSD, throwing my second cpu to /dev/null ? 1. That is _TOTALLY_ irrelevant to a certification discussion. 2. Please, do not start another futile "mine is better than yours" discussion. 3. Please do not send extra ^M (carriage return characters) in your email. -- Zvezdan Petkovic http://www.cs.wm.edu/~zvezdan/