From owner-freebsd-security@FreeBSD.ORG  Fri Aug 27 10:57:52 2004
Return-Path: <owner-freebsd-security@FreeBSD.ORG>
Delivered-To: freebsd-security@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 7594316A4CE
	for <freebsd-security@freebsd.org>;
	Fri, 27 Aug 2004 10:57:52 +0000 (GMT)
Received: from mail.rdstm.ro (mail.rdstm.ro [193.231.233.2])
	by mx1.FreeBSD.org (Postfix) with ESMTP id C6A2143D6B
	for <freebsd-security@freebsd.org>;
	Fri, 27 Aug 2004 10:57:51 +0000 (GMT)
	(envelope-from aanton@spintech.ro)
Received: from [10.0.0.2] (casa_auto [81.196.32.25])
	by mail.rdstm.ro (8.12.10/8.12.1) with ESMTP id i7RAv9fh013363
	for <freebsd-security@freebsd.org>; Fri, 27 Aug 2004 13:57:09 +0300
Message-ID: <412F13AB.6050801@spintech.ro>
Date: Fri, 27 Aug 2004 13:57:47 +0300
From: Anton Alin-Adrian <aanton@spintech.ro>
User-Agent: Mozilla Thunderbird 0.7.1 (X11/20040706)
X-Accept-Language: en-us, en
MIME-Version: 1.0
To: freebsd-security@freebsd.org
References: <20040827002100.GB653@vista.netmemetic.com>
	<6917b781040826185127c7b744@mail.gmail.com>
	<20040827154731.G78094@Neo-Vortex.Ath.Cx> <412EF6F7.9000900@spintech.ro>
	<20040827200714.C90788@Neo-Vortex.Ath.Cx>
In-Reply-To: <20040827200714.C90788@Neo-Vortex.Ath.Cx>
X-Enigmail-Version: 0.84.2.0
X-Enigmail-Supports: pgp-inline, pgp-mime
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
Subject: Re: ipfw core dump
X-BeenThere: freebsd-security@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: Security issues [members-only posting]
	<freebsd-security.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-security>
List-Post: <mailto:freebsd-security@freebsd.org>
List-Help: <mailto:freebsd-security-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-security>,
	<mailto:freebsd-security-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Fri, 27 Aug 2004 10:57:52 -0000

Neo-Vortex wrote:
> On Fri, 27 Aug 2004, Anton Alin-Adrian wrote:
> 
> 
>>Yes, it would be nice if you could also attach the ipfw.core file.
> 
> 
> he he, you think hes stupid? core files can contain sensative
> information... also it would be pointless unless we had the exact same
> binary as he had with the same libraries (well, not entirely pointless,
> but easier for him to do it :P)
> 
> 

No i was not thinking of anything unethical. He could have inspected the 
.core file before sending it.

However, I doubt an ipfw core file would contain sensitive information 
(like passwords and etc). What could it contain, the ACL? The ACL is not 
secret and who cares anyway?

I'm just interested in possible firewall bugs.

Yours,
-- 
Alin-Adrian Anton
Spintech Systems
GPG keyID 0x1E2FFF2E (2963 0C11 1AF1 96F6 0030 6EE9 D323 639D 1E2F FF2E)
gpg --keyserver pgp.mit.edu --recv-keys 1E2FFF2E