From owner-freebsd-security@FreeBSD.ORG  Wed Nov  8 07:28:19 2006
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
X-Original-To: freebsd-security@freebsd.org
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id EDC9516A403
	for <freebsd-security@freebsd.org>;
	Wed,  8 Nov 2006 07:28:19 +0000 (UTC)
	(envelope-from wes@opensail.org)
Received: from softweyr.homeunix.net (cpe-24-161-160-202.san.res.rr.com
	[24.161.160.202])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 9FEA543D45
	for <freebsd-security@freebsd.org>;
	Wed,  8 Nov 2006 07:28:19 +0000 (GMT)
	(envelope-from wes@opensail.org)
Received: from [204.68.178.34] (gulliver.softweyr.com [204.68.178.34])
	(authenticated bits=0)
	by softweyr.homeunix.net (8.13.6/8.13.6) with ESMTP id kA87SHDU037718; 
	Tue, 7 Nov 2006 23:28:18 -0800 (PST) (envelope-from wes@opensail.org)
In-Reply-To: <20061108082233.agry96udb4k0sckk@webmail.leidinger.net>
References: <20061104163000.30D2516A7A6@hub.freebsd.org>
	<0C344F30-40A1-4B08-A1C7-3F8CD536244D@opensail.org>
	<20061108082233.agry96udb4k0sckk@webmail.leidinger.net>
Mime-Version: 1.0 (Apple Message framework v752.2)
X-Priority: 3 (Normal)
Content-Type: text/plain; charset=US-ASCII; delsp=yes; format=flowed
Message-Id: <1794F6F9-3F65-4771-ACF6-23D00101B72D@opensail.org>
Content-Transfer-Encoding: 7bit
From: Wes Peters <wes@opensail.org>
Date: Tue, 7 Nov 2006 23:28:15 -0800
To: Alexander Leidinger <Alexander@leidinger.net>
X-Mailer: Apple Mail (2.752.2)
X-Scanned-By: MIMEDefang 2.57 on 204.68.178.2
Cc: freebsd-security@freebsd.org
Subject: Re: freebsd-security Digest, Vol 184, Issue 2
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: "Security issues \[members-only posting\]"
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>, 
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Wed, 08 Nov 2006 07:28:20 -0000


On Nov 7, 2006, at 11:22 PM, Alexander Leidinger wrote:

> Quoting Wes Peters <wes@opensail.org> (from Tue, 7 Nov 2006  
> 20:19:40 -0800):
>
>> --- /etc/rc.d/dmesg     Sat May  6 21:00:26 2006
>> +++ dmesg       Tue Nov  7 20:17:47 2006
>> @@ -19,8 +19,10 @@
>> do_dmesg()
>> {
>> -       rm -f ${dmesg_file}
>> +       mv -f ${dmesg_file} ${dmesg_file}.prev
>>         ( umask 022 ; /sbin/dmesg $rc_flags > ${dmesg_file} )
>> +       cmp -s ${dmesg_file} ${dmesg_file}.prev || \
>> +               logger -p security.warn 'dmesg.boot changed from
>> previous boot'
>> }
>> load_rc_config $name
>>
>>
>> If you like that, I'm willing to discuss it further, and/or commit it
>> and let the howling tell if it's a keeper or not. ;^)
>
> Did you try this? I didn't, but I would expect to see this message  
> _every time_ (because of minor timecounter rate changes).

Yes, but only once, and then forced a change by re-running it.  Maybe  
I just got 'lucky.'  Feel free to suggest 'better' tests, or parts to  
throw out of dmesg.boot before the test.

--
            Where am I, and what am I doing in this handbasket?
Wes Peters                                                      
wes@softweyr.com