From owner-freebsd-security Sun May 7 02:14:41 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id CAA12415 for security-outgoing; Sun, 7 May 1995 02:14:41 -0700 Received: from grunt.grondar.za (grunt.grondar.za [196.7.18.129]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id CAA12084 ; Sun, 7 May 1995 02:10:45 -0700 Received: from grumble.grondar.za (grumble.grondar.za [196.7.18.130]) by grunt.grondar.za (8.6.11/8.6.9) with ESMTP id LAA00256; Sun, 7 May 1995 11:10:23 +0200 Received: from localhost (localhost [127.0.0.1]) by grumble.grondar.za (8.6.11/8.6.9) with SMTP id LAA00363; Sun, 7 May 1995 11:10:19 +0200 Message-Id: <199505070910.LAA00363@grumble.grondar.za> X-Authentication-Warning: grumble.grondar.za: Host localhost didn't use HELO protocol To: current@FreeBSD.org, security@FreeBSD.org Subject: NIS/Kerberos has some strange behaviour... Date: Sun, 07 May 1995 11:10:19 +0200 From: Mark Murray Sender: security-owner@FreeBSD.org Precedence: bulk Hi (Bill & Garrett) and the rest I have been messing around with Kerberos and NIS for a while now trying to get them to behave, and I have got them 90% co-operating. I have just one problem: When a pleb user tries to log in on a machine that is both a Kerberos client and a NIS client, that user cannot log in using their NIS password. Strangely, the Kerberos password works! Most other NIS functions (ypcat, ypwhich, ypmatch etc) work, but passwd -y does not. On the Kerberos/NIS server, all is well. Kerberos behaves well on both machines. On the client, ypbind -s is run. On the server I run ypserv -dns, yppasswdd -s -f(I prefer to use /etc/master.passwd) and ypserv -s. Any ideas? M -- Mark Murray 46 Harvey Rd, Claremont, Cape Town 7700, South Africa +27 21 61-3768 GMT+0200 From owner-freebsd-security Sun May 7 11:31:06 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id LAA27174 for security-outgoing; Sun, 7 May 1995 11:31:06 -0700 Received: from gvr.win.tue.nl (root@gvr.win.tue.nl [131.155.210.19]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id LAA27167 for ; Sun, 7 May 1995 11:31:03 -0700 Received: by gvr.win.tue.nl (8.6.10/1.53) id UAA27692; Sun, 7 May 1995 20:30:07 +0200 From: guido@gvr.win.tue.nl (Guido van Rooij) Message-Id: <199505071830.UAA27692@gvr.win.tue.nl> Subject: Re: Logdaemon update (s.key and stuff) To: pst@Shockwave.COM (Paul Traina) Date: Sun, 7 May 1995 20:30:06 +0200 (MET DST) Cc: freebsd-security@FreeBSD.org In-Reply-To: <199505030257.TAA01474@precipice.shockwave.com> from "Paul Traina" at May 2, 95 07:57:19 pm X-Mailer: ELM [version 2.4 PL24] Content-Type: text Content-Length: 201 Sender: security-owner@FreeBSD.org Precedence: bulk Paul Traina wrote: > > Huh? What's happened? I seem to have missed some context here. > Wietse did a new logdaemon update. And it is important we adopt the new s/key stuff that is inside. -Guido From owner-freebsd-security Thu May 11 15:32:30 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id PAA17388 for security-outgoing; Thu, 11 May 1995 15:32:30 -0700 Received: from cps201.cps.cmich.edu (archive@cps201.cps.cmich.edu [141.209.20.201]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id PAA17382 for ; Thu, 11 May 1995 15:32:28 -0700 Received: (from archive@localhost) by cps201.cps.cmich.edu (8.6.9/8.6.9) id SAA04873; Thu, 11 May 1995 18:32:19 -0400 Date: Thu, 11 May 1995 18:32:18 -0400 (EDT) From: CMU Mail Archive X-Sender: archive@cps201 To: Danny Boulet cc: freebsd-security@FreeBSD.org Subject: Re: Security options for NFS? In-Reply-To: <199505030000.SAA09731@nahanni.BouletFermat.ab.ca> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: security-owner@FreeBSD.org Precedence: bulk On Tue, 2 May 1995, Danny Boulet wrote: > I've got FreeBSD 2.0 on a CD-ROM so I can provide diffs that should allow > ipfirewall v2.0 to be installed on FreeBSD 2.0. Unfortunately, I don't > run FreeBSD on any machine that I've got access to so I can't test the > diffs (I use BSD/OS v2.0 for all my ipfirewall development). Contact me > directly (danny@bouletfermat.ab.ca) if you're interested in these diffs. > Once someone running FreeBSD has verified that they work, I'll include them > in my standard release. > > -Danny > > P.S. A bound 30 page user's guide is provided to those who contribute the > suggested minimum shareware amount ($60 Canadian or roughly $44 US these days). > Would access to a FreeBSD machine be worth a electronic copy of the users guide to you :) If so let me know....... Thanks Matthew S. Bailey Assistant System Admin Central Michigan University (PS. If this mail was sent from an account different than mbailey@cps.cmich.edu would you please direct all replies there. Thank You) From owner-freebsd-security Thu May 11 15:58:51 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id PAA18153 for security-outgoing; Thu, 11 May 1995 15:58:51 -0700 Received: from precipice.shockwave.com (precipice.shockwave.com [171.69.108.33]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id PAA18147 for ; Thu, 11 May 1995 15:58:49 -0700 Received: from localhost (localhost [127.0.0.1]) by precipice.shockwave.com (8.6.11/8.6.9) with SMTP id PAA04433; Thu, 11 May 1995 15:58:11 -0700 Message-Id: <199505112258.PAA04433@precipice.shockwave.com> To: Danny Boulet , freebsd-security@FreeBSD.org, ugen@netvision.net.il Subject: Re: Security options for NFS? In-reply-to: Your message of "Thu, 11 May 1995 18:32:18 EDT." Date: Thu, 11 May 1995 15:58:11 -0700 From: Paul Traina Sender: security-owner@FreeBSD.org Precedence: bulk > I've got FreeBSD 2.0 on a CD-ROM so I can provide diffs that should allow > ipfirewall v2.0 to be installed on FreeBSD 2.0. Unfortunately, I don't > run FreeBSD on any machine that I've got access to so I can't test the > diffs (I use BSD/OS v2.0 for all my ipfirewall development). Contact me > directly (danny@bouletfermat.ab.ca) if you're interested in these diffs. > Once someone running FreeBSD has verified that they work, I'll include them > in my standard release. > > -Danny > > P.S. A bound 30 page user's guide is provided to those who contribute the > suggested minimum shareware amount ($60 Canadian or roughly $44 US these > days). Hi, it's generally our policy to not incorporate shareware into the base operating system. The ipfirewall code present in FreeBSD 2.0 was writen by Ugen J.S. Antsilevich (ugen@netvision.net.il) to be a look-and-feel clone of yours (but not using any of your actual code). Given that you do have access to the FreeBSD source via your CDrom, it might be prudent for you to review the code that we are currently shipping to make sure you are comfortable with the representation I made above (i.e. that it's a clone written from the BSDI man page, and not your original code). If you would be willing to release your new code under a standard BSD copyright, and drop the shareware requirement, I think there'd be a lot of users who would be extremely interested in porting it into FreeBSD. Paul p.s. yes, in case you're wondering, I'm also the "other" Paul Traina from cisco. I deliberately have not looked at or done any work on the FreeBSD firewall code because I don't want to create a conflict of interest with cisco. If you would be interested in dicussing firewall features offline, I'd love to chat with you about yours. From owner-freebsd-security Thu May 11 16:51:19 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id QAA19796 for security-outgoing; Thu, 11 May 1995 16:51:19 -0700 Received: from Root.COM (implode.Root.COM [198.145.90.1]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id QAA19789 for ; Thu, 11 May 1995 16:51:16 -0700 Received: from corbin.Root.COM (corbin.Root.COM [198.145.90.18]) by Root.COM (8.6.8/8.6.5) with ESMTP id QAA08007; Thu, 11 May 1995 16:54:06 -0700 Received: from localhost (localhost [127.0.0.1]) by corbin.Root.COM (8.6.11/8.6.5) with SMTP id QAA00209; Thu, 11 May 1995 16:51:05 -0700 Message-Id: <199505112351.QAA00209@corbin.Root.COM> To: Paul Traina cc: Danny Boulet , freebsd-security@FreeBSD.org, ugen@netvision.net.il Subject: Re: Security options for NFS? In-reply-to: Your message of "Thu, 11 May 95 15:58:11 PDT." <199505112258.PAA04433@precipice.shockwave.com> From: David Greenman Reply-To: davidg@root.com Date: Thu, 11 May 1995 16:51:01 -0700 Sender: security-owner@FreeBSD.org Precedence: bulk > > I've got FreeBSD 2.0 on a CD-ROM so I can provide diffs that should allow > > ipfirewall v2.0 to be installed on FreeBSD 2.0. Unfortunately, I don't > > run FreeBSD on any machine that I've got access to so I can't test the > > diffs (I use BSD/OS v2.0 for all my ipfirewall development). Contact me > > directly (danny@bouletfermat.ab.ca) if you're interested in these diffs. > > Once someone running FreeBSD has verified that they work, I'll include them > > in my standard release. > > > > -Danny > > > > P.S. A bound 30 page user's guide is provided to those who contribute the > > suggested minimum shareware amount ($60 Canadian or roughly $44 US these > > days). > >Hi, it's generally our policy to not incorporate shareware into the base >operating system. The ipfirewall code present in FreeBSD 2.0 was writen by >Ugen J.S. Antsilevich (ugen@netvision.net.il) to be a look-and-feel clone >of yours (but not using any of your actual code). What gives you that idea? From ip_fw.c: /* * Copyright (c) 1993 Daniel Boulet * Copyright (c) 1994 Ugen J.S.Antsilevich * * Redistribution and use in source forms, with and without modification, ... And the original commit message: revision 1.1 date: 1994/10/28 15:09:46; author: jkh; state: Exp; IP Firewall code from Daniel Boulet and J.S.Antsilevich Submitted by: danny ugen -DG From owner-freebsd-security Thu May 11 17:02:37 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id RAA19981 for security-outgoing; Thu, 11 May 1995 17:02:37 -0700 Received: from precipice.shockwave.com (precipice.shockwave.com [171.69.108.33]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id RAA19975 for ; Thu, 11 May 1995 17:02:36 -0700 Received: from localhost (localhost [127.0.0.1]) by precipice.shockwave.com (8.6.11/8.6.9) with SMTP id RAA04575; Thu, 11 May 1995 17:01:23 -0700 Message-Id: <199505120001.RAA04575@precipice.shockwave.com> To: davidg@root.com cc: Danny Boulet , freebsd-security@FreeBSD.org, ugen@netvision.net.il Subject: Re: Security options for NFS? In-reply-to: Your message of "Thu, 11 May 1995 16:51:01 PDT." <199505112351.QAA00209@corbin.Root.COM> Date: Thu, 11 May 1995 17:01:22 -0700 From: Paul Traina Sender: security-owner@FreeBSD.org Precedence: bulk Ugen gave me the idea in a note. From: David Greenman Subject: Re: Security options for NFS? > > I've got FreeBSD 2.0 on a CD-ROM so I can provide diffs that should allo >>w > > ipfirewall v2.0 to be installed on FreeBSD 2.0. Unfortunately, I don't > > run FreeBSD on any machine that I've got access to so I can't test the > > diffs (I use BSD/OS v2.0 for all my ipfirewall development). Contact me > > directly (danny@bouletfermat.ab.ca) if you're interested in these diffs. > > Once someone running FreeBSD has verified that they work, I'll include t >>hem > > in my standard release. > > > > -Danny > > > > P.S. A bound 30 page user's guide is provided to those who contribute th >>e > > suggested minimum shareware amount ($60 Canadian or roughly $44 US these > > days). > >Hi, it's generally our policy to not incorporate shareware into the base >operating system. The ipfirewall code present in FreeBSD 2.0 was writen by >Ugen J.S. Antsilevich (ugen@netvision.net.il) to be a look-and-feel clone >of yours (but not using any of your actual code). What gives you that idea? From ip_fw.c: /* * Copyright (c) 1993 Daniel Boulet * Copyright (c) 1994 Ugen J.S.Antsilevich * * Redistribution and use in source forms, with and without modification, ... And the original commit message: revision 1.1 date: 1994/10/28 15:09:46; author: jkh; state: Exp; IP Firewall code from Daniel Boulet and J.S.Antsilevich Submitted by: danny ugen -DG From owner-freebsd-security Fri May 12 00:24:01 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id AAA13104 for security-outgoing; Fri, 12 May 1995 00:24:01 -0700 Received: from marble.eps.nagoya-u.ac.jp (marble.eps.nagoya-u.ac.jp [133.6.57.68]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id AAA13096 for ; Fri, 12 May 1995 00:23:59 -0700 Received: from marble.eps.nagoya-u.ac.jp (localhost [127.0.0.1]) by marble.eps.nagoya-u.ac.jp (8.6.12+2.4W/3.3W9) with ESMTP id QAA02498 for ; Fri, 12 May 1995 16:23:59 +0900 Message-Id: <199505120723.QAA02498@marble.eps.nagoya-u.ac.jp> To: FreeBSD-security@FreeBSD.org Subject: DNS Security Hole Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Date: Fri, 12 May 1995 16:23:58 +0900 From: KATO Takenori Sender: security-owner@FreeBSD.org Precedence: bulk Resolver in FreeBSD 2.0 Release and FreeBSD-current doesn't support "SUNSECURITY" option which appears in BIND-4.9.2. So I made a patch to support this option. Code in this patch is derived from BIND-4.9.3-BETA17 and its fatal bug is fixed. -------- BEGIN ---------- *** lib/libc/Makefile.orig Mon May 8 23:56:11 1995 --- lib/libc/Makefile Tue May 9 15:05:09 1995 *************** *** 8,14 **** LIB=c SHLIB_MAJOR= 2 SHLIB_MINOR= 1 ! CFLAGS+=-DLIBC_RCS -DSYSLIBC_RCS AINC= -I${.CURDIR}/${MACHINE} CLEANFILES+=tags INSTALL_PIC_ARCHIVE= yes --- 8,14 ---- LIB=c SHLIB_MAJOR= 2 SHLIB_MINOR= 1 ! CFLAGS+=-DLIBC_RCS -DSYSLIBC_RCS -DSUNSECURITY AINC= -I${.CURDIR}/${MACHINE} CLEANFILES+=tags INSTALL_PIC_ARCHIVE= yes *** lib/libc/net/gethostnamadr.c.orig Mon May 8 23:41:11 1995 --- lib/libc/net/gethostnamadr.c Tue May 9 17:24:10 1995 *************** *** 37,42 **** --- 37,46 ---- #include #include #include + #ifdef SUNSECURITY + #include + #include + #endif extern struct hostent * _gethostbyhtname __P((const char *)); extern struct hostent * _gethostbydnsname __P((const char *)); *************** *** 156,161 **** --- 160,171 ---- { struct hostent *hp = 0; int nserv = 0; + #ifdef SUNSECURITY + struct hostent *rhp = 0; + char **haddr; + char hname2[MAXDNAME+1]; + char *addr2; + #endif if (!service_done) init_services(); *************** *** 176,181 **** --- 186,213 ---- } nserv++; } + #ifdef SUNSECURITY + /* + * turn off search as the name should be absolute, + * 'localhost' should be matched by defnames + */ + strncpy(hname2, hp->h_name, MAXDNAME); + hname2[MAXDNAME] = '\0'; + /* if (!(rhp = gethostbyname(hp->h_name))) { ORIGINAL BUG */ + if (!(rhp = gethostbyname(hname2))) { + syslog(LOG_NOTICE|LOG_AUTH, + "gethostbyaddr: No A record for %s (verifying [%s])", + hname2, inet_ntoa(*((struct in_addr *)addr))); + return (NULL); + } + for (haddr = rhp->h_addr_list; *haddr; haddr++) + if (memcmp(*haddr, + addr, INADDRSZ)== 0) + return hp; + syslog(LOG_NOTICE|LOG_AUTH, + "gethostbyaddr: A record of %s != PTR record [%s]", + hname2, inet_ntoa(*((struct in_addr *)addr))); + return (NULL); + #endif return hp; } *** lib/libresolv/Makefile.orig Tue May 9 00:48:56 1995 --- lib/libresolv/Makefile Tue May 9 00:49:19 1995 *************** *** 1,7 **** # @(#)Makefile 8.1 (Berkeley) 6/4/93 LIB=resolv ! CFLAGS+=-DDEBUG -DLIBC_SCCS .PATH: ${.CURDIR}/../libc/net --- 1,7 ---- # @(#)Makefile 8.1 (Berkeley) 6/4/93 LIB=resolv ! CFLAGS+=-DDEBUG -DLIBC_SCCS -DSUNSECURITY .PATH: ${.CURDIR}/../libc/net ---------- END ---------- ---------------- KATO Takenori Dept. Earth Planet. Sci. Nagoya Univ. Nagoya 464-01 Japan E-mail: kato@eclogite.eps.nagoya-u.ac.jp From owner-freebsd-security Fri May 12 00:45:42 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id AAA14827 for security-outgoing; Fri, 12 May 1995 00:45:42 -0700 Received: from precipice.shockwave.com (precipice.shockwave.com [171.69.108.33]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id AAA14821 for ; Fri, 12 May 1995 00:45:40 -0700 Received: from localhost (localhost [127.0.0.1]) by precipice.shockwave.com (8.6.11/8.6.9) with SMTP id AAA06220; Fri, 12 May 1995 00:44:32 -0700 Message-Id: <199505120744.AAA06220@precipice.shockwave.com> To: KATO Takenori cc: FreeBSD-security@FreeBSD.org Subject: Re: DNS Security Hole In-reply-to: Your message of "Fri, 12 May 1995 16:23:58 +0900." <199505120723.QAA02498@marble.eps.nagoya-u.ac.jp> Date: Fri, 12 May 1995 00:44:32 -0700 From: Paul Traina Sender: security-owner@FreeBSD.org Precedence: bulk Why would we ever want this under an #ifdef? Sounds like it should always be applied. From: KATO Takenori Subject: DNS Security Hole Resolver in FreeBSD 2.0 Release and FreeBSD-current doesn't support "SUNSECURITY" option which appears in BIND-4.9.2. So I made a patch to support this option. Code in this patch is derived from BIND-4.9.3-BETA17 and its fatal bug is fixed. -------- BEGIN ---------- *** lib/libc/Makefile.orig Mon May 8 23:56:11 1995 --- lib/libc/Makefile Tue May 9 15:05:09 1995 *************** *** 8,14 **** LIB=c SHLIB_MAJOR= 2 SHLIB_MINOR= 1 ! CFLAGS+=-DLIBC_RCS -DSYSLIBC_RCS AINC= -I${.CURDIR}/${MACHINE} CLEANFILES+=tags INSTALL_PIC_ARCHIVE= yes --- 8,14 ---- LIB=c SHLIB_MAJOR= 2 SHLIB_MINOR= 1 ! CFLAGS+=-DLIBC_RCS -DSYSLIBC_RCS -DSUNSECURITY AINC= -I${.CURDIR}/${MACHINE} CLEANFILES+=tags INSTALL_PIC_ARCHIVE= yes *** lib/libc/net/gethostnamadr.c.orig Mon May 8 23:41:11 1995 --- lib/libc/net/gethostnamadr.c Tue May 9 17:24:10 1995 *************** *** 37,42 **** --- 37,46 ---- #include #include #include + #ifdef SUNSECURITY + #include + #include + #endif extern struct hostent * _gethostbyhtname __P((const char *)); extern struct hostent * _gethostbydnsname __P((const char *)); *************** *** 156,161 **** --- 160,171 ---- { struct hostent *hp = 0; int nserv = 0; + #ifdef SUNSECURITY + struct hostent *rhp = 0; + char **haddr; + char hname2[MAXDNAME+1]; + char *addr2; + #endif if (!service_done) init_services(); *************** *** 176,181 **** --- 186,213 ---- } nserv++; } + #ifdef SUNSECURITY + /* + * turn off search as the name should be absolute, + * 'localhost' should be matched by defnames + */ + strncpy(hname2, hp->h_name, MAXDNAME); + hname2[MAXDNAME] = '\0'; + /* if (!(rhp = gethostbyname(hp->h_name))) { ORIGINAL BUG */ + if (!(rhp = gethostbyname(hname2))) { + syslog(LOG_NOTICE|LOG_AUTH, + "gethostbyaddr: No A record for %s (verifying [%s])", + hname2, inet_ntoa(*((struct in_addr *)addr))); + return (NULL); + } + for (haddr = rhp->h_addr_list; *haddr; haddr++) + if (memcmp(*haddr, + addr, INADDRSZ)== 0) + return hp; + syslog(LOG_NOTICE|LOG_AUTH, + "gethostbyaddr: A record of %s != PTR record [%s]", + hname2, inet_ntoa(*((struct in_addr *)addr))); + return (NULL); + #endif return hp; } *** lib/libresolv/Makefile.orig Tue May 9 00:48:56 1995 --- lib/libresolv/Makefile Tue May 9 00:49:19 1995 *************** *** 1,7 **** # @(#)Makefile 8.1 (Berkeley) 6/4/93 LIB=resolv ! CFLAGS+=-DDEBUG -DLIBC_SCCS .PATH: ${.CURDIR}/../libc/net --- 1,7 ---- # @(#)Makefile 8.1 (Berkeley) 6/4/93 LIB=resolv ! CFLAGS+=-DDEBUG -DLIBC_SCCS -DSUNSECURITY .PATH: ${.CURDIR}/../libc/net ---------- END ---------- ---------------- KATO Takenori Dept. Earth Planet. Sci. Nagoya Univ. Nagoya 464-01 Japan E-mail: kato@eclogite.eps.nagoya-u.ac.jp From owner-freebsd-security Fri May 12 00:49:46 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id AAA15157 for security-outgoing; Fri, 12 May 1995 00:49:46 -0700 Received: from gndrsh.aac.dev.com (gndrsh.aac.dev.com [198.145.92.241]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id AAA15142 for ; Fri, 12 May 1995 00:49:40 -0700 Received: (from rgrimes@localhost) by gndrsh.aac.dev.com (8.6.11/8.6.9) id AAA00443; Fri, 12 May 1995 00:48:21 -0700 From: "Rodney W. Grimes" Message-Id: <199505120748.AAA00443@gndrsh.aac.dev.com> Subject: Re: DNS Security Hole To: pst@Shockwave.COM (Paul Traina) Date: Fri, 12 May 1995 00:48:21 -0700 (PDT) Cc: kato@eclogite.eps.nagoya-u.ac.jp, FreeBSD-security@FreeBSD.org In-Reply-To: <199505120744.AAA06220@precipice.shockwave.com> from "Paul Traina" at May 12, 95 00:44:32 am X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 927 Sender: security-owner@FreeBSD.org Precedence: bulk > > Why would we ever want this under an #ifdef? > Sounds like it should always be applied. > > From: KATO Takenori > Subject: DNS Security Hole > > Resolver in FreeBSD 2.0 Release and FreeBSD-current doesn't support > "SUNSECURITY" option which appears in BIND-4.9.2. So I made a patch > to support this option. Code in this patch is derived from > BIND-4.9.3-BETA17 and its fatal bug is fixed. And the correct thing to do would be to import BIND-4.9.3-BETA17, but it seems last time this came up Paul Vixie was about to go to an official release. Is there any new status on that. I would prefer not to apply this patch only to have it conflict when the cvs import of the next official release of bind occured. -- Rod Grimes rgrimes@gndrsh.aac.dev.com Accurate Automation Company Custom computers for FreeBSD From owner-freebsd-security Fri May 12 02:05:10 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id CAA18819 for security-outgoing; Fri, 12 May 1995 02:05:10 -0700 Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id CAA18807 for ; Fri, 12 May 1995 02:05:05 -0700 Received: from blaise.ibp.fr (blaise.ibp.fr [132.227.60.1]) by ibp.ibp.fr (8.6.12/jtpda-5.0) with ESMTP id LAA02166 ; Fri, 12 May 1995 11:04:42 +0200 Received: from (roberto@localhost) by blaise.ibp.fr (8.6.12/jtpda-5.0) id LAA20242 ; Fri, 12 May 1995 11:04:41 +0200 From: roberto@blaise.ibp.fr (Ollivier Robert) Message-Id: <199505120904.LAA20242@blaise.ibp.fr> Subject: Re: DNS Security Hole To: rgrimes@gndrsh.aac.dev.com (Rodney W. Grimes) Date: Fri, 12 May 1995 11:04:41 +0200 (MET DST) Cc: pst@Shockwave.COM, kato@eclogite.eps.nagoya-u.ac.jp, FreeBSD-security@FreeBSD.org In-Reply-To: <199505120748.AAA00443@gndrsh.aac.dev.com> from "Rodney W. Grimes" at May 12, 95 00:48:21 am X-Operating-System: FreeBSD BUILT-19950501 ctm#617 X-Mailer: ELM [version 2.4 PL24] Content-Type: text Content-Length: 473 Sender: security-owner@FreeBSD.org Precedence: bulk > And the correct thing to do would be to import BIND-4.9.3-BETA17, but > it seems last time this came up Paul Vixie was about to go to an > official release. Is there any new status on that. Yes, beta18 will go out in a few days (info.bind info). A dozens bugs have crept out and a few are show-stoppers (per Paul words). -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@FreeBSD.ORG FreeBSD keltia 2.0-BUILT-19950503 #3: Wed May 3 19:53:04 MET DST 1995 From owner-freebsd-security Fri May 12 02:32:56 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id CAA20362 for security-outgoing; Fri, 12 May 1995 02:32:56 -0700 Received: from ibp.ibp.fr (ibp.ibp.fr [132.227.60.30]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id CAA20353 for ; Fri, 12 May 1995 02:32:46 -0700 Received: from blaise.ibp.fr (blaise.ibp.fr [132.227.60.1]) by ibp.ibp.fr (8.6.12/jtpda-5.0) with ESMTP id LAA02798 ; Fri, 12 May 1995 11:32:41 +0200 Received: from (roberto@localhost) by blaise.ibp.fr (8.6.12/jtpda-5.0) id LAA20851 ; Fri, 12 May 1995 11:32:40 +0200 From: roberto@blaise.ibp.fr (Ollivier Robert) Message-Id: <199505120932.LAA20851@blaise.ibp.fr> Subject: Re: DNS Security Hole To: roberto@blaise.ibp.fr (Ollivier Robert) Date: Fri, 12 May 1995 11:32:40 +0200 (MET DST) Cc: rgrimes@gndrsh.aac.dev.com, pst@Shockwave.COM, kato@eclogite.eps.nagoya-u.ac.jp, FreeBSD-security@FreeBSD.org In-Reply-To: <199505120904.LAA20242@blaise.ibp.fr> from "Ollivier Robert" at May 12, 95 11:04:41 am X-Operating-System: FreeBSD BUILT-19950501 ctm#617 X-Mailer: ELM [version 2.4 PL24] Content-Type: text Content-Length: 697 Sender: security-owner@FreeBSD.org Precedence: bulk > Yes, beta18 will go out in a few days (info.bind info). A dozens bugs > have crept out and a few are show-stoppers (per Paul words). Here is the message taken from info.bind : From: paul@vix.com (Paul A Vixie) -( )--[1] [1] Re: Bind 4.9.9305?? Date: Mon May 08 23:22:29 MET DST 1995 > Ok, got the newer 4.9.2. Is Beta 17 that solid so that it'll be >4.9.3Release? No. About two dozen bugs have shown up, three of which were show stoppers. Expect Beta18 out, hopefully in the next day or so. -- Paul Vixie -- Ollivier ROBERT -=- The daemon is FREE! -=- roberto@FreeBSD.ORG FreeBSD keltia 2.0-BUILT-19950503 #3: Wed May 3 19:53:04 MET DST 1995 From owner-freebsd-security Fri May 12 05:38:18 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id FAA00409 for security-outgoing; Fri, 12 May 1995 05:38:18 -0700 Received: from marble.eps.nagoya-u.ac.jp (marble.eps.nagoya-u.ac.jp [133.6.57.68]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id FAA00403 for ; Fri, 12 May 1995 05:38:16 -0700 Received: from marble.eps.nagoya-u.ac.jp (localhost [127.0.0.1]) by marble.eps.nagoya-u.ac.jp (8.6.12+2.4W/3.3W9) with ESMTP id VAA02876; Fri, 12 May 1995 21:37:50 +0900 Message-Id: <199505121237.VAA02876@marble.eps.nagoya-u.ac.jp> To: rgrimes@gndrsh.aac.dev.com cc: pst@Shockwave.COM, FreeBSD-security@FreeBSD.org Subject: Re: DNS Security Hole In-reply-to: Your message of "Fri, 12 May 1995 00:48:21 MST." <199505120748.AAA00443@gndrsh.aac.dev.com> Mime-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Date: Fri, 12 May 1995 21:37:48 +0900 From: KATO Takenori Sender: security-owner@FreeBSD.org Precedence: bulk > From: "Rodney W. Grimes" > > And the correct thing to do would be to import BIND-4.9.3-BETA17, but > it seems last time this came up Paul Vixie was about to go to an > official release. Is there any new status on that. > > I would prefer not to apply this patch only to have it conflict when > the cvs import of the next official release of bind occured. I don't know what is correct way. I think to import 4.9.3-BETA is not so good, because it is not RELEASE VERSION. I think one of better way is now FreeBSD use bind-4.9.2 and change it into 4.9.3-RELEASE when it is released. (Another way is all programs check PTR record after gethostbyaddr as tcp_wrapper does.) ---------------- KATO Takenori Dept. Earth Planet. Sci. Nagoya Univ. Nagoya 464-01 Japan E-mail: kato@eclogite.eps.nagoya-u.ac.jp From owner-freebsd-security Sat May 13 07:30:12 1995 Return-Path: security-owner Received: (from majordom@localhost) by freefall.cdrom.com (8.6.10/8.6.6) id HAA02029 for security-outgoing; Sat, 13 May 1995 07:30:12 -0700 Received: from mpp.com (dialup-5-116.gw.umn.edu [128.101.96.116]) by freefall.cdrom.com (8.6.10/8.6.6) with ESMTP id HAA02021 for ; Sat, 13 May 1995 07:30:06 -0700 Received: (from mpp@localhost) by mpp.com (8.6.11/8.6.9) id JAA09229 for security@freebsd.org; Sat, 13 May 1995 09:29:56 -0500 From: Mike Pritchard Message-Id: <199505131429.JAA09229@mpp.com> Subject: stat & inode generation numbers To: security@FreeBSD.org Date: Sat, 13 May 1995 09:29:55 -0500 (CDT) X-Mailer: ELM [version 2.4 PL24] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 527 Sender: security-owner@FreeBSD.org Precedence: bulk I just noticed that the stat system call is returning the i-node generation number to non-root callers. I thought that allowing users to determine the i-node generation number of files was considered bad and a security risk in NFS environments, since it makes it possible for someone to come up with valid file handles. Am I mistaken, or should stat be changed to only return st_gen when called by the superuser? -- Mike Pritchard pritc003@maroon.tc.umn.edu "Go that way. Really fast. If something gets in your way, turn"