Date: Thu, 31 Aug 2000 12:06:18 -0400 (EDT) From: rwatson@freebsd.org To: FreeBSD-gnats-submit@freebsd.org Subject: kern/20963: wicontrol (and supporting ioctls/sysctls, presumably) reveal crypto key Message-ID: <200008311606.MAA25648@fledge.watson.org>
next in thread | raw e-mail | index | archive | help
>Number: 20963 >Category: kern >Synopsis: wicontrol (and supporting calls) reveal hardware crypto key to any user >Confidential: no >Severity: serious >Priority: medium >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: sw-bug >Submitter-Id: current-users >Arrival-Date: Thu Aug 31 09:10:01 PDT 2000 >Closed-Date: >Last-Modified: >Originator: Robert Watson >Release: FreeBSD 4.1-STABLE i386 >Organization: NAI Labs at Network Associates >Environment: 4.1-STABLE, using Wavelan wi driver, with hardware encryption enabled. >Description: wicontrol will show the hardware crypto key to any user. Probably, release of the crypto key should occur only to a process with appropriate privilege. This cannot just be done in wicontrol, but must be done at the ioctl used to retrieve the key, in kernel. Access to the system should not imply complete access to the network infrastructure. >How-To-Repeat: wicontrol -i wi0 >Fix: Not attached. >Release-Note: >Audit-Trail: >Unformatted: To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200008311606.MAA25648>