From owner-freebsd-security@FreeBSD.ORG Sun Oct 24 00:17:46 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C721F16A4CE for ; Sun, 24 Oct 2004 00:17:46 +0000 (GMT) Received: from kane.otenet.gr (kane.otenet.gr [195.170.0.27]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0D01343D1D for ; Sun, 24 Oct 2004 00:17:45 +0000 (GMT) (envelope-from keramida@linux.gr) Received: from gothmog.gr (patr530-a027.otenet.gr [212.205.215.27]) i9O0HgYF009417; Sun, 24 Oct 2004 03:17:43 +0300 Received: from gothmog.gr (gothmog [127.0.0.1]) by gothmog.gr (8.13.1/8.13.1) with ESMTP id i9O0HUfZ026081; Sun, 24 Oct 2004 03:17:30 +0300 (EEST) (envelope-from keramida@linux.gr) Received: (from giorgos@localhost) by gothmog.gr (8.13.1/8.13.1/Submit) id i9NLp6dW077300; Sun, 24 Oct 2004 00:51:06 +0300 (EEST) (envelope-from keramida@linux.gr) Date: Sun, 24 Oct 2004 00:51:06 +0300 From: Giorgos Keramidas To: Vlad GALU Message-ID: <20041023215106.GB4233@gothmog.gr> References: <1323.213.112.198.199.1098388008.squirrel@mail.hackunite.net> <79722fad04102314136d2dc0e2@mail.gmail.com> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <79722fad04102314136d2dc0e2@mail.gmail.com> cc: freebsd-security@freebsd.org Subject: Re: Default permissions of /home/user.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Oct 2004 00:17:46 -0000 On 2004-10-24 00:13, Vlad GALU wrote: > One thing though. The mtree file that controls the permissions > for / specifies 0755 as the mask for /root. It's allright with me, I > have "chmod /root 0600" in my .profile, but still ... No problem :) mkdir /root/private chmod 0600 /root/private Seriously now, if you don't use the root account for doing "real work", it shouldn't be a problem that its HOME directory is world-readable. I only keep very few files in my /root tree. Most of them are dot-files for programs I might want to run as root (i.e. .bashrc, .vimrc and not much else). Sensitive data is never stored in /root and *REALLY* sensitive data (like passwords) are never stored in a computer at all. So, why would one need to be paranoid about the permissions or /root? From owner-freebsd-security@FreeBSD.ORG Sat Oct 23 20:22:51 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CDEFE16A4CE for ; Sat, 23 Oct 2004 20:22:51 +0000 (GMT) Received: from mxfep01.bredband.com (mxfep01.bredband.com [195.54.107.70]) by mx1.FreeBSD.org (Postfix) with ESMTP id 00A3C43D3F for ; Sat, 23 Oct 2004 20:22:46 +0000 (GMT) (envelope-from jesper@hackunite.net) Received: from mail.hackunite.net ([213.112.198.219] [213.112.198.219]) by mxfep01.bredband.com with SMTP id <20041023202244.QPKF4883.mxfep01.bredband.com@mail.hackunite.net> for ; Sat, 23 Oct 2004 22:22:44 +0200 Received: from 213.112.198.199 (SquirrelMail authenticated user z3l3zt@hackunite.net) by mail.hackunite.net with HTTP; Sat, 23 Oct 2004 22:22:46 +0200 (CEST) Message-ID: <1357.213.112.198.199.1098562966.squirrel@mail.hackunite.net> In-Reply-To: <52757.10.0.0.10.1098560266.squirrel@10.0.0.10> References: <1323.213.112.198.199.1098388008.squirrel@mail.hackunite.net> <008401c4b868$ffd64ac0$3501a8c0@pro.sk> <00ab01c4b870$a3024760$3501a8c0@pro.sk> <52757.10.0.0.10.1098560266.squirrel@10.0.0.10> Date: Sat, 23 Oct 2004 22:22:46 +0200 (CEST) From: "Jesper Wallin" To: freebsd-security@freebsd.org MIME-Version: 1.0 Content-Type: text/plain;charset=iso-8859-1 Content-Transfer-Encoding: 8bit X-Mailer: SquirrelMail 1.4.2 X-Priority: 1 Importance: High X-Mailman-Approved-At: Sun, 24 Oct 2004 12:14:03 +0000 Subject: Re: Default permissions of /home/user.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 23 Oct 2004 20:22:51 -0000 Hello.. Sure, this works nice.. but yet, I did have to modify /usr/sbin/adduser .. Also, some of you said it's bad having a homedir chmod 700, how come? Let's say I use the account for coding, IRC perhaps, mail, etc.. none of those things require more access than 700? All I can think of is public_html which need o+x so nobody and/or www can access that directory.. I know, FreeBSD isn't Linux but most Linux systems run the same programs such as postfix, mysql, apache, openssh, etc.. and I know some distributions (like gentoo for example) which chmod it to 700 by default.. :) Wouldn't it be nice to add a default option for this in adduser.conf, like chmod=755? Since there seem to be more than just me asking for such feature. ;) Best regards, Jesper Wallin ps, thanks for all replies :D >> Sorry for my mistake - you use FreeBSD 5. The adduser command was changed >> to >> sh script in it. I do not use 5, so sorry again. >> >> If your /usr/sbin/adduser has in the start of lines 278 to 280 word >> "_pwcmd", add something like this after line 280: >> _pwcmd="$_pwcmd && chmod 700 $_home" >> >> Command stored in $_pwcmd is executed on line 282. The user should be >> added >> and homedir should be created. The addition above should chmod its homedir >> to 700 (drwx------) automatically. >> >> !!! AGAIN, NOT TESTED !!! >> >> Peter Rosa > > Just a quick correction, you'll want to chmod $uhome not $_home. Having > done that, you can consider your suggestion tested and working. > > Mark Magiera > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" > From owner-freebsd-security@FreeBSD.ORG Sun Oct 24 17:16:05 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C184616A4CE for ; Sun, 24 Oct 2004 17:16:05 +0000 (GMT) Received: from brainbox.winbot.co.uk (cpc2-mapp3-6-0-cust221.nott.cable.ntl.com [81.101.250.221]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3DC8B43D3F for ; Sun, 24 Oct 2004 17:16:05 +0000 (GMT) (envelope-from brain@winbot.co.uk) Received: from synapse.brainbox.winbot.co.uk ([10.0.0.2] helo=[192.168.1.11]) by brainbox.winbot.co.uk with esmtp (Exim 4.24; FreeBSD) id 1CLmzC-0005RO-FC for freebsd-security@freebsd.org; Sun, 24 Oct 2004 19:20:58 +0100 Message-ID: <417BE32F.9020204@winbot.co.uk> Date: Sun, 24 Oct 2004 18:15:27 +0100 From: Craig Edwards Organization: Crypt Software User-Agent: Mozilla Thunderbird 0.8 (Windows/20040913) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-security@freebsd.org References: <1323.213.112.198.199.1098388008.squirrel@mail.hackunite.net> <008401c4b868$ffd64ac0$3501a8c0@pro.sk> <00ab01c4b870$a3024760$3501a8c0@pro.sk> <52757.10.0.0.10.1098560266.squirrel@10.0.0.10> <1357.213.112.198.199.1098562966.squirrel@mail.hackunite.net> In-Reply-To: <1357.213.112.198.199.1098562966.squirrel@mail.hackunite.net> X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit Subject: broken lastlog? X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: brain@winbot.co.uk List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Oct 2004 17:16:05 -0000 Hi. on freebsd 5.2.1 i managed to break my lastlog by repeatedly issuing 'date' commands. Im not sure how this happened but by issuing a command to set the date in an infinite while loop (i was attempting to break the restriction of setting the time to +/- 1 second in securelevel 2), you can end up with a lastlog like the following: [root@machine:username]$ last username ttyp2 4.1.2.3 Sun Oct 24 16:06 still logged in date { Fri Dec 13 20:45 date | Sun Oct 24 15:00 username2 ttyp2 1.2.3.4 Sun Oct 24 01:01 - 02:33 (01:31) etc etc... this output is sanitized so not to contain real data. The real test was done as root, so far i've not been able to pin this down. Has anyone seen this before and is it fixed in later versions? Thanks, Craig Edwards From owner-freebsd-security@FreeBSD.ORG Sun Oct 24 21:33:56 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 8BACD16A4CE for ; Sun, 24 Oct 2004 21:33:56 +0000 (GMT) Received: from pi.codefab.com (pi.codefab.com [199.103.21.227]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3735243D2D for ; Sun, 24 Oct 2004 21:33:56 +0000 (GMT) (envelope-from cswiger@mac.com) Received: from [192.168.1.3] (pool-68-160-246-51.ny325.east.verizon.net [68.160.246.51]) by pi.codefab.com (8.12.11/8.12.11) with ESMTP id i9OLXnwN050612 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-SHA bits=256 verify=NO); Sun, 24 Oct 2004 17:33:52 -0400 (EDT) Message-ID: <417C1FB9.2090909@mac.com> Date: Sun, 24 Oct 2004 17:33:45 -0400 From: Chuck Swiger Organization: The Courts of Chaos User-Agent: Mozilla/5.0 (Windows; U; Windows NT 5.1; en-US; rv:1.7.3) Gecko/20040910 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Jesper Wallin References: <1323.213.112.198.199.1098388008.squirrel@mail.hackunite.net> <008401c4b868$ffd64ac0$3501a8c0@pro.sk> <00ab01c4b870$a3024760$3501a8c0@pro.sk> <52757.10.0.0.10.1098560266.squirrel@10.0.0.10> <1357.213.112.198.199.1098562966.squirrel@mail.hackunite.net> In-Reply-To: <1357.213.112.198.199.1098562966.squirrel@mail.hackunite.net> X-Enigmail-Version: 0.86.1.0 X-Enigmail-Supports: pgp-inline, pgp-mime Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, hits=0.0 required=5.5 tests=AWL autolearn=ham version=2.64 X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on pi.codefab.com cc: freebsd-security@freebsd.org Subject: Re: Default permissions of /home/user.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sun, 24 Oct 2004 21:33:56 -0000 Jesper Wallin wrote: > Sure, this works nice.. but yet, I did have to modify /usr/sbin/adduser .. Also, some of > you said it's bad having a homedir chmod 700, how come? Let's say I use the account for > coding, IRC perhaps, mail, etc.. none of those things require more access than 700? If you want to set up a highly secure user-account, using permissions of 700 is reasonable. However, it may not be sufficient, which is why chroot() and jails are available to create more restricted environments. One creates a "bind" user and chroot()s named to run inside /var/named, for example. You also should think about the umask being used. Historically, the default umask was 022. You seem to want something like 027 or 077. > All I can think of is public_html which need o+x so nobody and/or www can access that > directory.. I know, FreeBSD isn't Linux but most Linux systems run the same programs > such as postfix, mysql, apache, openssh, etc.. and I know some distributions (like > gentoo for example) which chmod it to 700 by default.. :) FreeBSD would prefer you to set up a group for each user, with GID == UID. This lets you use a umask of 002, and be able to share write access with other people who are in the same group. This is not significant to the owner of the file, who has user-mode access as well, but it lets the admin create new groups for a project, and users can chgrp files they want to share from their personal GID to the project GID. -- -Chuck From owner-freebsd-security@FreeBSD.ORG Mon Oct 25 17:15:54 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 5BC8816A4CE for ; Mon, 25 Oct 2004 17:15:54 +0000 (GMT) Received: from fluffy.unixfu.net (fluffy.unixfu.net [66.197.133.17]) by mx1.FreeBSD.org (Postfix) with ESMTP id E22BD43D58 for ; Mon, 25 Oct 2004 17:15:53 +0000 (GMT) (envelope-from chris@burst.net) Received: from [192.168.0.100] (fe-3-1.rtr0.scra.hostnoc.net [66.197.191.126]) by fluffy.unixfu.net (Postfix) with ESMTP id 346E03D3; Mon, 25 Oct 2004 12:13:41 -0500 (EST) From: Chris Humphries Organization: BurstNET Technologies, Inc. To: freebsd-security@freebsd.org Date: Mon, 25 Oct 2004 13:15:54 -0400 User-Agent: KMail/1.7 References: <1323.213.112.198.199.1098388008.squirrel@mail.hackunite.net> <52757.10.0.0.10.1098560266.squirrel@10.0.0.10> <1357.213.112.198.199.1098562966.squirrel@mail.hackunite.net> In-Reply-To: <1357.213.112.198.199.1098562966.squirrel@mail.hackunite.net> MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Content-Disposition: inline Message-Id: <200410251315.55344.chris@burst.net> cc: Jesper Wallin Subject: Re: Default permissions of /home/user.. X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 25 Oct 2004 17:15:54 -0000 On Saturday 23 October 2004 04:22 pm, Jesper Wallin wrote: > Hello.. > > Sure, this works nice.. but yet, I did have to modify /usr/sbin/adduser .. > Also, some of you said it's bad having a homedir chmod 700, how come? Let's > say I use the account for coding, IRC perhaps, mail, etc.. none of those > things require more access than 700? All I can think of is public_html > which need o+x so nobody and/or www can access that directory.. I know, > FreeBSD isn't Linux but most Linux systems run the same programs such as > postfix, mysql, apache, openssh, etc.. and I know some distributions (like > gentoo for example) which chmod it to 700 by default.. :) > > Wouldn't it be nice to add a default option for this in adduser.conf, like > chmod=755? Since there seem to be more than just me asking for such > feature. ;) > IMO, the OS should apply the most useful permissions. If home directory permissions are a problem, then running a script that tightens down everything is more appropriate. I have scripts that I run on servers that apply whatever settings and permissions I desire, after initial creation of the user[/group] and directories. That includes default directory and acl setup. Just like a default install of the OS should never be stuck directly on the net, default user creation should not allow the user right after... unless that is what you like to do, heh. I do not believe this is something that should be part of the OS, but should be something that is part of whatever set of utilities you use and are required of you or your team locally. > > Best regards, > Jesper Wallin > > ps, thanks for all replies :D > > >> Sorry for my mistake - you use FreeBSD 5. The adduser command was > >> changed to > >> sh script in it. I do not use 5, so sorry again. > >> > >> If your /usr/sbin/adduser has in the start of lines 278 to 280 word > >> "_pwcmd", add something like this after line 280: > >> _pwcmd="$_pwcmd && chmod 700 $_home" > >> > >> Command stored in $_pwcmd is executed on line 282. The user should be > >> added > >> and homedir should be created. The addition above should chmod its > >> homedir to 700 (drwx------) automatically. > >> > >> !!! AGAIN, NOT TESTED !!! > >> > >> Peter Rosa > > > > Just a quick correction, you'll want to chmod $uhome not $_home. Having > > done that, you can consider your suggestion tested and working. > > > > Mark Magiera > > > > _______________________________________________ > > freebsd-security@freebsd.org mailing list > > http://lists.freebsd.org/mailman/listinfo/freebsd-security > > To unsubscribe, send any mail to > > "freebsd-security-unsubscribe@freebsd.org" > > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Tue Oct 26 19:58:57 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 498BE16A4CE for ; Tue, 26 Oct 2004 19:58:57 +0000 (GMT) Received: from tx1.mail.ox.ac.uk (tx1.mail.ox.ac.uk [129.67.1.167]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2444143D49 for ; Tue, 26 Oct 2004 19:58:56 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from scan1.mail.ox.ac.uk ([129.67.1.166] helo=localhost) by tx1.mail.ox.ac.uk with esmtp (Exim 4.42) id 1CMXT4-000270-6E for freebsd-security@freebsd.org; Tue, 26 Oct 2004 20:58:54 +0100 Received: from rx1.mail.ox.ac.uk ([129.67.1.165]) by localhost (scan1.mail.ox.ac.uk [129.67.1.166]) (amavisd-new, port 25) with ESMTP id 08069-02 for ; Tue, 26 Oct 2004 20:58:54 +0100 (BST) Received: from gateway.wadham.ox.ac.uk ([163.1.161.253]) by rx1.mail.ox.ac.uk with smtp (Exim 4.42) id 1CMXT4-00026x-5W for freebsd-security@freebsd.org; Tue, 26 Oct 2004 20:58:54 +0100 Received: (qmail 11641 invoked by uid 1004); 26 Oct 2004 19:58:54 -0000 Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with qmail-scanner-1.20 (clamscan: 0.67. sweep: 2.18/3.79. Clear:RC:1(163.1.161.203):. Processed in 0.016569 secs); 26 Oct 2004 19:58:54 -0000 Received: from dhcp1203.wadham.ox.ac.uk (HELO ?163.1.161.203?) (163.1.161.203) by gateway.wadham.ox.ac.uk with SMTP; 26 Oct 2004 19:58:54 -0000 Message-ID: <417EAC7E.2040103@wadham.ox.ac.uk> Date: Tue, 26 Oct 2004 20:58:54 +0100 From: Colin Percival User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040928) X-Accept-Language: en-us, en MIME-Version: 1.0 To: freebsd-ports@freebsd.org Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org Subject: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Oct 2004 19:58:57 -0000 CVSup is slow, insecure, and a memory hog. However, until now it's been the only option for keeping an up-to-date ports tree, and (thanks to all of the recent work on vuxml and portaudit) it has become quite obvious that keeping an up-to-date ports tree is very important. To provide a secure, lightweight, and fast alternative to CVSup, I've written portsnap. As the name suggests, this is a system for building, *signing*, and distributing compressed snapshots of the ports tree, which can then be extracted into /usr/ports as needed. Portsnap is: * Lightweight. It's a 15kB shell script which uses under 50kB of other binaries. * Designed for frequent updating. Unlike CVSup, it doesn't need to transmit a complete list of files in the ports tree each time it runs; in fact, if there are no updates available, it only needs to fetch a single file of 256 bytes. * Secure. Using code from FreeBSD Update, the ports snapshots are signed using a 2048-bit RSA key. * HTTP-only. That's right, you don't need to beg your network maintainer to allow outgoing connections on port 5999 any more. :-) Right now I'm only building snapshots once per day, but after this has had some testing I'll increase that to once every 1-2 hours. Similarly, portsnap isn't in the ports tree yet, but it will appear there once I'm satisfied with the testing that it has received. So please go and test! Portsnap can be downloaded from http://www.daemonology.net/portsnap/ Colin Percival PS. I'm not sure how many testers this message is going to elicit, nor how much bandwidth portsnap.daemonology.net can comfortably handle. I may come back tomorrow and ask for some mirrors. :-) From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 07:42:07 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 28C3A16A4CE for ; Wed, 27 Oct 2004 07:42:07 +0000 (GMT) Received: from mx1.lost-oasis.net (misc-out.lost-oasis.net [212.85.153.4]) by mx1.FreeBSD.org (Postfix) with ESMTP id 6074E43D2D for ; Wed, 27 Oct 2004 07:42:06 +0000 (GMT) (envelope-from bertux@frenchcube.net) Received: from ca-sqy-2-109.w80-8.abo.wanadoo.fr ([80.8.55.109] helo=[192.168.1.6]) by mx1.lost-oasis.net with asmtp (Exim 4.34) id 1CMiRZ-00048o-2p; Wed, 27 Oct 2004 09:42:05 +0200 Message-ID: <417F5146.5010506@frenchcube.net> Date: Wed, 27 Oct 2004 09:41:58 +0200 From: Bertrand JUGLAS User-Agent: Mozilla Thunderbird 0.8 (Windows/20040913) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Colin Percival References: <417EAC7E.2040103@wadham.ox.ac.uk> In-Reply-To: <417EAC7E.2040103@wadham.ox.ac.uk> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 07:42:07 -0000 Colin Percival wrote: > CVSup is slow, insecure, and a memory hog. However, until now > it's been the only option for keeping an up-to-date ports tree, > and (thanks to all of the recent work on vuxml and portaudit) > it has become quite obvious that keeping an up-to-date ports > tree is very important. > > To provide a secure, lightweight, and fast alternative to CVSup, > I've written portsnap. As the name suggests, this is a system > for building, *signing*, and distributing compressed snapshots > of the ports tree, which can then be extracted into /usr/ports > as needed. > > Portsnap is: > * Lightweight. It's a 15kB shell script which uses under 50kB > of other binaries. > * Designed for frequent updating. Unlike CVSup, it doesn't > need to transmit a complete list of files in the ports tree each > time it runs; in fact, if there are no updates available, it only > needs to fetch a single file of 256 bytes. > * Secure. Using code from FreeBSD Update, the ports snapshots > are signed using a 2048-bit RSA key. > * HTTP-only. That's right, you don't need to beg your network > maintainer to allow outgoing connections on port 5999 any more. :-) > > Right now I'm only building snapshots once per day, but after > this has had some testing I'll increase that to once every 1-2 > hours. Similarly, portsnap isn't in the ports tree yet, but it > will appear there once I'm satisfied with the testing that it > has received. > > So please go and test! Portsnap can be downloaded from > http://www.daemonology.net/portsnap/ > > Colin Percival > PS. I'm not sure how many testers this message is going to elicit, > nor how much bandwidth portsnap.daemonology.net can comfortably > handle. I may come back tomorrow and ask for some mirrors. :-) > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" I'm going to test it on a fresh FreeBSD 4.10-RELEASE install and if the download file size is small i will mirror it on my website. I will later post results from my testing. i hope to read from you soon, Bertrand Juglas From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 11:11:23 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E978E16A4CE; Wed, 27 Oct 2004 11:11:23 +0000 (GMT) Received: from smtp.des.no (flood.des.no [217.116.83.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 51AC643D5A; Wed, 27 Oct 2004 11:11:23 +0000 (GMT) (envelope-from des@des.no) Received: by smtp.des.no (Pony Express, from userid 666) id 41EE95312; Wed, 27 Oct 2004 13:11:22 +0200 (CEST) Received: from dwp.des.no (des.no [80.203.228.37]) by smtp.des.no (Pony Express) with ESMTP id 86E99530A; Wed, 27 Oct 2004 13:11:16 +0200 (CEST) Received: by dwp.des.no (Postfix, from userid 2602) id 66C3DB85E; Wed, 27 Oct 2004 13:11:16 +0200 (CEST) To: Colin Percival References: <417EAC7E.2040103@wadham.ox.ac.uk> From: des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) Date: Wed, 27 Oct 2004 13:11:16 +0200 In-Reply-To: <417EAC7E.2040103@wadham.ox.ac.uk> (Colin Percival's message of "Tue, 26 Oct 2004 20:58:54 +0100") Message-ID: User-Agent: Gnus/5.110002 (No Gnus v0.2) Emacs/21.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on flood.des.no X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.64 cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 11:11:24 -0000 Colin Percival writes: > CVSup is slow, insecure, and a memory hog. if cvsup is slow, you're not using it right. I'm sure portsnap is a wonderful piece of software, but there's no need to spread FUD about cvsup to promote it. DES --=20 Dag-Erling Sm=F8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 11:31:50 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 9876F16A4DA; Wed, 27 Oct 2004 11:31:47 +0000 (GMT) Received: from www.cyclades.de (mail.cyclades.de [62.225.173.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id CEEC243D31; Wed, 27 Oct 2004 11:31:46 +0000 (GMT) (envelope-from mh@kernel32.de) Received: from [192.168.10.148] (helo=[192.168.10.148]) by www.cyclades.de with asmtp (Exim 3.35 #1 (Debian)) id 1CMm1m-0001rl-00; Wed, 27 Oct 2004 13:31:42 +0200 Message-ID: <417F8706.8060009@kernel32.de> Date: Wed, 27 Oct 2004 13:31:18 +0200 From: Marian Hettwer User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040928) X-Accept-Language: en-us, en MIME-Version: 1.0 To: =?ISO-8859-15?Q?Dag-Erling_Sm=F8rgrav?= References: <417EAC7E.2040103@wadham.ox.ac.uk> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-15; format=flowed Content-Transfer-Encoding: 8bit X-MailScanner: Found to be clean X-MailScanner-SpamCheck: cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 11:31:51 -0000 Dag-Erling Smørgrav wrote: > Colin Percival writes: > >>CVSup is slow, insecure, and a memory hog. > > > if cvsup is slow, you're not using it right. > > I'm sure portsnap is a wonderful piece of software, but there's no > need to spread FUD about cvsup to promote it. > ACK. I don't believe cvsup is slow. Well, at least it's not slower than Gentoo's emerge (rsync based AFAIK) or OpenBSD's way of just using anonCVS via ssh. However, cvsup _is_ insecure and I don't like that it's based on modula3. I really have no program which uses m3 apart from CVSUP. So, well, perhaps portsnap is a nice replacement. Who knows ? :) (ah, jeah, Colin knows ;-D ) best regards, Marian From owner-freebsd-security@FreeBSD.ORG Tue Oct 26 20:18:05 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 79C2216A4CE; Tue, 26 Oct 2004 20:18:05 +0000 (GMT) Received: from update.ods.org (221056.ds.nac.net [66.246.72.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2545243D1F; Tue, 26 Oct 2004 20:18:05 +0000 (GMT) (envelope-from jd@ods.org) Received: from localhost (221056.ds.nac.net [127.0.0.1]) by update.ods.org (Postfix) with ESMTP id 7E9269A98; Tue, 26 Oct 2004 16:18:04 -0400 (EDT) Received: from update.ods.org ([127.0.0.1]) by localhost (update.ods.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id 52942-05; Tue, 26 Oct 2004 16:18:02 -0400 (EDT) Received: from [10.0.2.15] (unknown [66.246.72.188]) (using TLSv1 with cipher DHE-RSA-AES256-SHA (256/256 bits)) (No client certificate requested) by update.ods.org (Postfix) with ESMTP id 4464B992A; Tue, 26 Oct 2004 16:18:02 -0400 (EDT) Date: Tue, 26 Oct 2004 16:11:35 -0400 From: Jason DiCioccio To: Colin Percival , freebsd-ports@freebsd.org Message-ID: <9BBE3B5561450CAF8EE94788@[10.102.0.67]> In-Reply-To: <417EAC7E.2040103@wadham.ox.ac.uk> References: <417EAC7E.2040103@wadham.ox.ac.uk> X-Mailer: Mulberry/3.1.3 (Linux/x86) MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit Content-Disposition: inline X-Virus-Scanned: by amavisd-new at ods.org X-Mailman-Approved-At: Wed, 27 Oct 2004 12:45:38 +0000 cc: freebsd-security@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 26 Oct 2004 20:18:05 -0000 Colin, This sounds great. If you do end up needing a mirror, feel free to email me. I have a couple of servers on different connections (10/100mbit) that I might be able to donate to your cause. In the mean time, I'm going to give it a shot.. Regards, -JD- --On Tuesday, October 26, 2004 20:58:54 +0100 Colin Percival wrote: > CVSup is slow, insecure, and a memory hog. However, until now > it's been the only option for keeping an up-to-date ports tree, > and (thanks to all of the recent work on vuxml and portaudit) > it has become quite obvious that keeping an up-to-date ports > tree is very important. > > To provide a secure, lightweight, and fast alternative to CVSup, > I've written portsnap. As the name suggests, this is a system > for building, *signing*, and distributing compressed snapshots > of the ports tree, which can then be extracted into /usr/ports > as needed. > > Portsnap is: > * Lightweight. It's a 15kB shell script which uses under 50kB > of other binaries. > * Designed for frequent updating. Unlike CVSup, it doesn't > need to transmit a complete list of files in the ports tree each > time it runs; in fact, if there are no updates available, it only > needs to fetch a single file of 256 bytes. > * Secure. Using code from FreeBSD Update, the ports snapshots > are signed using a 2048-bit RSA key. > * HTTP-only. That's right, you don't need to beg your network > maintainer to allow outgoing connections on port 5999 any more. :-) > > Right now I'm only building snapshots once per day, but after > this has had some testing I'll increase that to once every 1-2 > hours. Similarly, portsnap isn't in the ports tree yet, but it > will appear there once I'm satisfied with the testing that it > has received. > > So please go and test! Portsnap can be downloaded from > http://www.daemonology.net/portsnap/ > > Colin Percival > PS. I'm not sure how many testers this message is going to elicit, > nor how much bandwidth portsnap.daemonology.net can comfortably > handle. I may come back tomorrow and ask for some mirrors. :-) > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to > "freebsd-security-unsubscribe@freebsd.org" From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 03:02:49 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id CBAE116A4CF for ; Wed, 27 Oct 2004 03:02:49 +0000 (GMT) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.195]) by mx1.FreeBSD.org (Postfix) with ESMTP id F33FC43D49 for ; Wed, 27 Oct 2004 03:02:48 +0000 (GMT) (envelope-from sdrhodus@gmail.com) Received: by wproxy.gmail.com with SMTP id 68so262547wri for ; Tue, 26 Oct 2004 20:01:04 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:cc:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=LRQnp3E03y3RncgbYCabwhn7fUuhuTB4DuqbyOX5nauD584wGR2ogV+WQaz4D9SVRKlJS+8ZN4Ly50dxLygnz0oMmoez6kHVEV7TldBfAk4eNPlBDQi+M4boS/U+HLoOH5qiak/dhRyWGnyi5zpJAs2Iy2+Cbw/TYEPGWgn9hUQ= Received: by 10.38.209.71 with SMTP id h71mr903740rng; Tue, 26 Oct 2004 20:01:04 -0700 (PDT) Received: by 10.38.15.43 with HTTP; Tue, 26 Oct 2004 20:01:04 -0700 (PDT) Message-ID: Date: Tue, 26 Oct 2004 23:01:04 -0400 From: David Rhodus To: Colin Percival In-Reply-To: <417EAC7E.2040103@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <417EAC7E.2040103@wadham.ox.ac.uk> X-Mailman-Approved-At: Wed, 27 Oct 2004 12:45:38 +0000 cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: drhodus@machdep.com List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 03:02:50 -0000 Is this something that can be used to replace cvsup in a general term like cvsync ? -- -David Steven David Rhodus From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 12:47:38 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D363916A4D0; Wed, 27 Oct 2004 12:47:38 +0000 (GMT) Received: from zibbi.icomtek.csir.co.za (zibbi.icomtek.csir.co.za [146.64.24.58]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3CC8043D46; Wed, 27 Oct 2004 12:47:36 +0000 (GMT) (envelope-from jhay@icomtek.csir.co.za) Received: from zibbi.icomtek.csir.co.za (localhost [127.0.0.1]) i9RCl5ZV015233; Wed, 27 Oct 2004 14:47:05 +0200 (SAST) (envelope-from jhay@zibbi.icomtek.csir.co.za) Received: (from jhay@localhost)i9RCl4Mb015232; Wed, 27 Oct 2004 14:47:04 +0200 (SAST) (envelope-from jhay) Date: Wed, 27 Oct 2004 14:47:04 +0200 From: John Hay To: Dag-Erling Sm?rgrav Message-ID: <20041027124704.GA12880@zibbi.icomtek.csir.co.za> References: <417EAC7E.2040103@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.4.1i cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 12:47:39 -0000 On Wed, Oct 27, 2004 at 01:11:16PM +0200, Dag-Erling Sm?rgrav wrote: > Colin Percival writes: > > CVSup is slow, insecure, and a memory hog. > > if cvsup is slow, you're not using it right. Well it is fast on our local links but on a long delay link, like what we have from here in SA to USA, it is pretty slow. With rsync from ftp-master, ftp-master.us and ftp-master.eu I can get 100-150kByte/s, but with cvsup (with the -s option) I can only get about 30kByte/s. It is less of a memory hog than rsync on the server side though. John -- John Hay -- John.Hay@icomtek.csir.co.za / jhay@FreeBSD.org From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 13:16:54 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id D2B7316A4CE for ; Wed, 27 Oct 2004 13:16:54 +0000 (GMT) Received: from konvergencia.hu (konvergencia.hu [195.228.254.188]) by mx1.FreeBSD.org (Postfix) with ESMTP id 90F8243D49 for ; Wed, 27 Oct 2004 13:16:54 +0000 (GMT) (envelope-from mkenyeres@konvergencia.hu) Received: from [127.0.0.25] (helo=localhost) by konvergencia.hu with esmtp (Exim 4.10) id 1CMniq-00024m-00 for freebsd-security@freebsd.org; Wed, 27 Oct 2004 13:20:16 +0000 Received: from konvergencia.hu ([127.0.0.25]) by localhost (kavegep.konvergencia.hu [127.0.0.25]) (amavisd-new, port 10024) with ESMTP id 07701-03 for ; Wed, 27 Oct 2004 15:20:15 +0200 (CEST) Received: from 154.120-182-adsl-pool.axelero.hu ([81.182.120.154] helo=[10.0.0.161]) by konvergencia.hu with asmtp (TLSv1:RC4-MD5:128) (Exim 4.10) id 1CMnip-00024h-00 for freebsd-security@freebsd.org; Wed, 27 Oct 2004 13:20:15 +0000 From: Marton Kenyeres Organization: KVG Konvergencia Kft. To: freebsd-security@freebsd.org Date: Wed, 27 Oct 2004 15:17:00 +0200 User-Agent: KMail/1.7 References: <417EAC7E.2040103@wadham.ox.ac.uk> In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="iso-8859-1" Content-Transfer-Encoding: quoted-printable Content-Disposition: inline Message-Id: <200410271517.00682.mkenyeres@konvergencia.hu> X-Virus-Scanned: by amavisd-new at konvergencia.hu Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 13:16:54 -0000 On Wednesday 27 October 2004 13:11, Dag-Erling Sm=F8rgrav wrote: > Colin Percival writes: > > CVSup is slow, insecure, and a memory hog. > > if cvsup is slow, you're not using it right. Does using CVSup over an asymmetric link qualify as `not using it=20 right`? [From http://www.cvsup.org/howsofast.html ] "The volume of data sent by the client is comparable to that sent by the=20 server. On a typical full-duplex link, this effectively doubles the=20 usable bandwidth." It still can be quite fast due to it's diff based nature. Also it is=20 more widespread than portsnap, which is not really surprising, but=20 makes the probability of finding a fast mirror higher. (For example,=20 from my office the avg roundtrip to the portsnap site is 7 times the=20 roundtrip to the local CVSup mirror.) I'm thinking about making some mesurements with different updating=20 methods (AnonCVS, CVSup, CVSync, rsync, portsnap come to mind) over=20 symmetric and asymmetric lines. Any suggestions on what typical usage scenarios and updating practices=20 might be are welcome. (e.g. once a day / once a week / when freshports=20 notifies me that something on my watchlist has changed). > > I'm sure portsnap is a wonderful piece of software, but there's no > need to spread FUD about cvsup to promote it. I agree with that. > > DES m. From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 13:46:45 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id E541716A4CE; Wed, 27 Oct 2004 13:46:45 +0000 (GMT) Received: from smtp.des.no (flood.des.no [217.116.83.31]) by mx1.FreeBSD.org (Postfix) with ESMTP id 4322643D4C; Wed, 27 Oct 2004 13:46:45 +0000 (GMT) (envelope-from des@des.no) Received: by smtp.des.no (Pony Express, from userid 666) id 3CEE05312; Wed, 27 Oct 2004 15:46:44 +0200 (CEST) Received: from dwp.des.no (des.no [80.203.228.37]) by smtp.des.no (Pony Express) with ESMTP id 28DD5530A; Wed, 27 Oct 2004 15:46:37 +0200 (CEST) Received: by dwp.des.no (Postfix, from userid 2602) id E9E83B85E; Wed, 27 Oct 2004 15:46:36 +0200 (CEST) To: John Hay References: <417EAC7E.2040103@wadham.ox.ac.uk> <20041027124704.GA12880@zibbi.icomtek.csir.co.za> From: des@des.no (=?iso-8859-1?q?Dag-Erling_Sm=F8rgrav?=) Date: Wed, 27 Oct 2004 15:46:36 +0200 In-Reply-To: <20041027124704.GA12880@zibbi.icomtek.csir.co.za> (John Hay's message of "Wed, 27 Oct 2004 14:47:04 +0200") Message-ID: User-Agent: Gnus/5.110002 (No Gnus v0.2) Emacs/21.3 (berkeley-unix) MIME-Version: 1.0 Content-Type: text/plain; charset=iso-8859-1 Content-Transfer-Encoding: quoted-printable X-Spam-Checker-Version: SpamAssassin 2.64 (2004-01-11) on flood.des.no X-Spam-Level: X-Spam-Status: No, hits=0.0 required=5.0 tests=AWL autolearn=no version=2.64 cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 13:46:46 -0000 John Hay writes: > On Wed, Oct 27, 2004 at 01:11:16PM +0200, Dag-Erling Sm?rgrav wrote: > > Colin Percival writes: > > > CVSup is slow, insecure, and a memory hog. > > if cvsup is slow, you're not using it right. > Well it is fast on our local links but on a long delay link, like what > we have from here in SA to USA, it is pretty slow. With rsync from > ftp-master, ftp-master.us and ftp-master.eu I can get 100-150kByte/s, > but with cvsup (with the -s option) I can only get about 30kByte/s. It > is less of a memory hog than rsync on the server side though. you must be doing something wrong. cvsup was designed to work well on high-latency links. are you running it with -s? DES --=20 Dag-Erling Sm=F8rgrav - des@des.no From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 14:37:36 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C5AB716A4CE for ; Wed, 27 Oct 2004 14:37:36 +0000 (GMT) Received: from otter3.centtech.com (moat3.centtech.com [207.200.51.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id E830743D39 for ; Wed, 27 Oct 2004 14:37:34 +0000 (GMT) (envelope-from anderson@centtech.com) Received: from [10.177.171.220] (neutrino.centtech.com [10.177.171.220]) by otter3.centtech.com (8.12.3/8.12.3) with ESMTP id i9REbX6u059132; Wed, 27 Oct 2004 09:37:33 -0500 (CDT) (envelope-from anderson@centtech.com) Message-ID: <417FB29D.8030004@centtech.com> Date: Wed, 27 Oct 2004 09:37:17 -0500 From: Eric Anderson User-Agent: Mozilla/5.0 (X11; U; FreeBSD i386; en-US; rv:1.7.2) Gecko/20041025 X-Accept-Language: en-us, en MIME-Version: 1.0 To: Marton Kenyeres References: <417EAC7E.2040103@wadham.ox.ac.uk> <200410271517.00682.mkenyeres@konvergencia.hu> In-Reply-To: <200410271517.00682.mkenyeres@konvergencia.hu> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 14:37:36 -0000 Marton Kenyeres wrote: [..snip..] > I'm thinking about making some mesurements with different updating > methods (AnonCVS, CVSup, CVSync, rsync, portsnap come to mind) over > symmetric and asymmetric lines. > > Any suggestions on what typical usage scenarios and updating practices > might be are welcome. (e.g. once a day / once a week / when freshports > notifies me that something on my watchlist has changed). I find the longer I wait, the more time cvsup takes. It isn't that it's slow, it's just that portsnap seems faster in this case. Has anyone thought about using bittorrent to pass the portsnap binary around? That would remove the 'mirror' issue possibly. I cvsup in swarms - a couple times daily for about 2-3 days, then when my ports are all happy, I don't do it for a couple more weeks. I don't think Colin was trying to spread fud (at least I certainly didn't take it that way), I think he was just trying to make a point that cvsup can be time consuming if you don't update often. However, if you DO update often, it IS pretty fast. I'm interested to hear what the results are.. Eric -- ------------------------------------------------------------------ Eric Anderson Sr. Systems Administrator Centaur Technology Talk sense to a fool and he calls you foolish. ------------------------------------------------------------------ From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 16:05:42 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 4A86D16A4CE for ; Wed, 27 Oct 2004 16:05:42 +0000 (GMT) Received: from wproxy.gmail.com (wproxy.gmail.com [64.233.184.204]) by mx1.FreeBSD.org (Postfix) with ESMTP id CFDB043D66 for ; Wed, 27 Oct 2004 16:05:41 +0000 (GMT) (envelope-from fehwalker@gmail.com) Received: by wproxy.gmail.com with SMTP id 68so329425wri for ; Wed, 27 Oct 2004 09:05:36 -0700 (PDT) DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=beta; d=gmail.com; h=received:message-id:date:from:reply-to:to:subject:in-reply-to:mime-version:content-type:content-transfer-encoding:references; b=I0HaOuS53gbWQaMB4FSQV0+MToFH1/o1n2wfSteAAkylMBooG0uYqHrW5erFgbanQWmmr/hEPVTFxXvE+q/ldqJywj/aWtMAKq76UyyT7H6oNYjQ0MsMOz+d+wN1j2Ms8TfhzmTvHkfEm11iuIe6njCdynopXHcHoGCoGhyf7QY= Received: by 10.38.150.32 with SMTP id x32mr1244597rnd; Wed, 27 Oct 2004 09:05:36 -0700 (PDT) Received: by 10.38.74.74 with HTTP; Wed, 27 Oct 2004 09:05:36 -0700 (PDT) Message-ID: <35de0c3004102709055f7d2c35@mail.gmail.com> Date: Wed, 27 Oct 2004 12:05:36 -0400 From: Bryan Fullerton To: freebsd-security@freebsd.org In-Reply-To: <200410271517.00682.mkenyeres@konvergencia.hu> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit References: <417EAC7E.2040103@wadham.ox.ac.uk> <200410271517.00682.mkenyeres@konvergencia.hu> Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list Reply-To: Bryan Fullerton List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 16:05:42 -0000 On Wed, 27 Oct 2004 15:17:00 +0200, Marton Kenyeres wrote: > Any suggestions on what typical usage scenarios and updating practices > might be are welcome. (e.g. once a day / once a week / when freshports > notifies me that something on my watchlist has changed). Setting up local cvsup servers that sync with the busier freebsd.org servers at off-peak times is always good. I've always done this since I've had more than a couple of servers to update. Bryan From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 16:57:58 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 35A3A16A4D0 for ; Wed, 27 Oct 2004 16:57:58 +0000 (GMT) Received: from tx5.mail.ox.ac.uk (tx5.mail.ox.ac.uk [163.1.2.169]) by mx1.FreeBSD.org (Postfix) with ESMTP id C08C243D54 for ; Wed, 27 Oct 2004 16:57:57 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from scan5.mail.ox.ac.uk ([163.1.2.177] helo=localhost) by tx5.mail.ox.ac.uk with esmtp (Exim 4.42) id 1CMr7U-0002Mz-Hl for freebsd-security@freebsd.org; Wed, 27 Oct 2004 17:57:56 +0100 Received: from rx5.mail.ox.ac.uk ([163.1.2.168]) by localhost (scan5.mail.ox.ac.uk [163.1.2.177]) (amavisd-new, port 25) with ESMTP id 08988-01 for ; Wed, 27 Oct 2004 17:57:56 +0100 (BST) Received: from gateway.wadham.ox.ac.uk ([163.1.161.253]) by rx5.mail.ox.ac.uk with smtp (Exim 4.42) id 1CMr7U-0002Mr-Gj for freebsd-security@freebsd.org; Wed, 27 Oct 2004 17:57:56 +0100 Received: (qmail 393 invoked by uid 1004); 27 Oct 2004 16:57:56 -0000 Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with qmail-scanner-1.20 (clamscan: 0.67. sweep: 2.18/3.79. Clear:RC:1(163.1.161.203):. Processed in 0.015999 secs); 27 Oct 2004 16:57:56 -0000 Received: from dhcp1203.wadham.ox.ac.uk (HELO ?163.1.161.203?) (163.1.161.203) by gateway.wadham.ox.ac.uk with SMTP; 27 Oct 2004 16:57:55 -0000 Message-ID: <417FD393.3070706@wadham.ox.ac.uk> Date: Wed, 27 Oct 2004 17:57:55 +0100 From: Colin Percival User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040928) X-Accept-Language: en-us, en MIME-Version: 1.0 To: drhodus@machdep.com References: <417EAC7E.2040103@wadham.ox.ac.uk> In-Reply-To: Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 16:57:58 -0000 David Rhodus wrote: > Is this something that can be used to replace cvsup in a general term > like cvsync ? In theory, maybe, but in practice, no. Portsnap distributes snapshots of the ports tree; it isn't designed for distributing the entire CVS repository. If you tried to use the portsnap build code for distributing the ports repository, you'd find it to be impractically slow, since there are some huge files (INDEX,v is 82.5MB) which would take far too long for my binary diff code to handle. When it comes to using portsnap for distributing snapshots of the src/, doc/, or www/ trees, there are other problems. First, these are branched, which means that lots of different snapshots would need to be created; also, while the ports tree is easily split into bite-sized pieces which tend to change independently of each other (ie, individual ports -- usually a single commit will touch several files, but only within a single port directory), the other repositories don't divide so easily into independent parts. I'm glossing over a few details here, but basically: I've given this some thought, and I think that while portsnap is useful for the ports tree, I don't think it will be very useful for anything else. Colin Percival From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 17:04:36 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 2F44916A4CE for ; Wed, 27 Oct 2004 17:04:36 +0000 (GMT) Received: from tx4.mail.ox.ac.uk (tx4.mail.ox.ac.uk [129.67.1.173]) by mx1.FreeBSD.org (Postfix) with ESMTP id CA53943D2D for ; Wed, 27 Oct 2004 17:04:35 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from scan4.mail.ox.ac.uk ([129.67.1.177] helo=localhost) by tx4.mail.ox.ac.uk with esmtp (Exim 4.42) id 1CMrDu-0001A9-Fc for freebsd-security@freebsd.org; Wed, 27 Oct 2004 18:04:34 +0100 Received: from rx4.mail.ox.ac.uk ([129.67.1.172]) by localhost (scan4.mail.ox.ac.uk [129.67.1.177]) (amavisd-new, port 25) with ESMTP id 04209-04 for ; Wed, 27 Oct 2004 18:04:34 +0100 (BST) Received: from gateway.wadham.ox.ac.uk ([163.1.161.253]) by rx4.mail.ox.ac.uk with smtp (Exim 4.42) id 1CMrDu-00019x-Ek for freebsd-security@freebsd.org; Wed, 27 Oct 2004 18:04:34 +0100 Received: (qmail 4707 invoked by uid 1004); 27 Oct 2004 17:04:34 -0000 Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with qmail-scanner-1.20 (clamscan: 0.67. sweep: 2.18/3.79. Clear:RC:1(163.1.161.203):. Processed in 0.047027 secs); 27 Oct 2004 17:04:34 -0000 Received: from dhcp1203.wadham.ox.ac.uk (HELO ?163.1.161.203?) (163.1.161.203) by gateway.wadham.ox.ac.uk with SMTP; 27 Oct 2004 17:04:34 -0000 Message-ID: <417FD521.3020204@wadham.ox.ac.uk> Date: Wed, 27 Oct 2004 18:04:33 +0100 From: Colin Percival User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040928) X-Accept-Language: en-us, en MIME-Version: 1.0 To: =?ISO-8859-1?Q?Dag-Erling_Sm=F8rgrav?= References: <417EAC7E.2040103@wadham.ox.ac.uk> In-Reply-To: Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 8bit cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 17:04:36 -0000 Dag-Erling Smørgrav wrote: > Colin Percival writes: >>CVSup is slow, insecure, and a memory hog. > > if cvsup is slow, you're not using it right. Let me rephrase. CVSup is slower than necessary when fetching only a small number of updates, especially if you have a slow uplink. > I'm sure portsnap is a wonderful piece of software, but there's no > need to spread FUD about cvsup to promote it. CVSup is a great piece of software. However, it's a piece of software which was designed in a rather different setting than the current problem of keeping an up-to-date ports tree. Where CVSup does a very wide range of things adequately, portsnap is designed to do one specific task very well. Colin Percival From owner-freebsd-security@FreeBSD.ORG Wed Oct 27 19:48:39 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6CC1316A4CE; Wed, 27 Oct 2004 19:48:39 +0000 (GMT) Received: from mail22.syd.optusnet.com.au (mail22.syd.optusnet.com.au [211.29.133.160]) by mx1.FreeBSD.org (Postfix) with ESMTP id A93D243D1D; Wed, 27 Oct 2004 19:48:38 +0000 (GMT) (envelope-from PeterJeremy@optushome.com.au) Received: from cirb503493.alcatel.com.au (c211-30-75-229.belrs2.nsw.optusnet.com.au [211.30.75.229]) i9RJmbTZ012519 (version=TLSv1/SSLv3 cipher=EDH-RSA-DES-CBC3-SHA bits=168 verify=NO); Thu, 28 Oct 2004 05:48:37 +1000 Received: from cirb503493.alcatel.com.au (localhost.alcatel.com.au [127.0.0.1])i9RJmaxP096633; Thu, 28 Oct 2004 05:48:36 +1000 (EST) (envelope-from pjeremy@cirb503493.alcatel.com.au) Received: (from pjeremy@localhost)i9RJmaBM096632; Thu, 28 Oct 2004 05:48:36 +1000 (EST) (envelope-from pjeremy) Date: Thu, 28 Oct 2004 05:48:36 +1000 From: Peter Jeremy To: Colin Percival Message-ID: <20041027194835.GD79646@cirb503493.alcatel.com.au> References: <417EAC7E.2040103@wadham.ox.ac.uk> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <417EAC7E.2040103@wadham.ox.ac.uk> User-Agent: Mutt/1.4.2i cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 27 Oct 2004 19:48:39 -0000 On Tue, 2004-Oct-26 20:58:54 +0100, Colin Percival wrote: >CVSup is slow, insecure, and a memory hog. However, until now >it's been the only option for keeping an up-to-date ports tree, ... > >To provide a secure, lightweight, and fast alternative to CVSup, >I've written portsnap. It sounds like you've re-invented CTM rather than a CVSup replacement. Would you care to provide a comparison of portsnap with CTM? Based on your description, the differences are: - portsnap uses HTTP, CTM uses either FTP or mail. - portsnap is always signed, CTM is only signed via mail. - CTM is part of the base system - ports-cur CTM deltas are currently generated every 8 hours -- Peter Jeremy From owner-freebsd-security@FreeBSD.ORG Thu Oct 28 18:48:31 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id EE55B16A4D0 for ; Thu, 28 Oct 2004 18:48:31 +0000 (GMT) Received: from tx2.mail.ox.ac.uk (tx2.mail.ox.ac.uk [163.1.2.163]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2CE8A43D5A for ; Thu, 28 Oct 2004 18:48:31 +0000 (GMT) (envelope-from colin.percival@wadham.ox.ac.uk) Received: from scan2.mail.ox.ac.uk ([163.1.2.162] helo=localhost) by tx2.mail.ox.ac.uk with esmtp (Exim 4.42) id 1CNFK2-0000Dc-6r for freebsd-security@freebsd.org; Thu, 28 Oct 2004 19:48:30 +0100 Received: from rx2.mail.ox.ac.uk ([163.1.2.161]) by localhost (scan2.mail.ox.ac.uk [163.1.2.162]) (amavisd-new, port 25) with ESMTP id 00495-03 for ; Thu, 28 Oct 2004 19:48:29 +0100 (BST) Received: from gateway.wadham.ox.ac.uk ([163.1.161.253]) by rx2.mail.ox.ac.uk with smtp (Exim 4.42) id 1CNFK1-0000DX-9O for freebsd-security@freebsd.org; Thu, 28 Oct 2004 19:48:29 +0100 Received: (qmail 29568 invoked by uid 1004); 28 Oct 2004 18:48:29 -0000 Received: from colin.percival@wadham.ox.ac.uk by gateway by uid 71 with qmail-scanner-1.20 (clamscan: 0.67. sweep: 2.18/3.79. Clear:RC:1(163.1.161.203):. Processed in 0.015783 secs); 28 Oct 2004 18:48:29 -0000 Received: from dhcp1203.wadham.ox.ac.uk (HELO ?163.1.161.203?) (163.1.161.203) by gateway.wadham.ox.ac.uk with SMTP; 28 Oct 2004 18:48:29 -0000 Message-ID: <41813EFD.9070105@wadham.ox.ac.uk> Date: Thu, 28 Oct 2004 19:48:29 +0100 From: Colin Percival User-Agent: Mozilla Thunderbird 0.7.3 (X11/20040928) X-Accept-Language: en-us, en MIME-Version: 1.0 To: Peter Jeremy References: <417EAC7E.2040103@wadham.ox.ac.uk> <20041027194835.GD79646@cirb503493.alcatel.com.au> In-Reply-To: <20041027194835.GD79646@cirb503493.alcatel.com.au> Content-Type: text/plain; charset=us-ascii; format=flowed Content-Transfer-Encoding: 7bit cc: freebsd-security@freebsd.org cc: freebsd-ports@freebsd.org Subject: Re: please test: Secure ports tree updating X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Thu, 28 Oct 2004 18:48:32 -0000 Peter Jeremy wrote: > It sounds like you've re-invented CTM rather than a CVSup replacement. > Would you care to provide a comparison of portsnap with CTM? Based on > your description, the differences are: > - portsnap uses HTTP, CTM uses either FTP or mail. Technically, portsnap can use a variety of means -- it uses fetch(1) to download files, so it can use anything which fetch(1) understands. But yes, HTTP is the mechanism I expect most people to use. > - portsnap is always signed, CTM is only signed via mail. This probably doesn't matter to most people, but portsnap also uses a much more lightweight mechanism (raw rsa vs. pgp). For this reason (less code usually means fewer bugs) I'm more inclined to trust the security of portsnap signatures. > - CTM is part of the base system Portsnap could become part of the base system if people want it to. :-) > - ports-cur CTM deltas are currently generated every 8 hours This is irrelevant; both ctm and portsnap can build updates as often as desired. Other differences: - Portsnap keeps a compressed snapshot which can be updated or extracted whenever desired; CTM keeps a series of deltas. (This may mean that portsnap can update /usr/ports/ more quickly... I'm not sure, but in general it's much faster to extract a tarball than to apply text patches.) - Portsnap fetches patches which go directly from the version held locally to the latest version, while CTM fetches all the intermediate versions. (This gives portsnap a bandwidth advantage if you're not updating on a regular basis.) - I haven't implemented this yet, but it is very easy to get the portsnap client to ignore certain directories (in the same manner as .cvsignore works), since it works by downloading lots of individual patches, while CTM always updates everything. - I have a feeling that I'm missing something else important here, but I can't think what it is. You're right that portsnap has more in common with CTM than it does with CVSup. Perhaps I should describe it as a CTM replacement instead; but I think it is likely to be of value to a large number of people currently using CVSup. Colin Percival