From: My Email
Subject: Re: FreeBSD Transient Memory problem?
Date: Thu, 12 Sep 2013 07:49:43 -1000
To: John-Mark Gurney
Cc: "freebsd-security@freebsd.org"
In-Reply-To: <20130912053559.GF68682@funkthat.com>
Message-Id: <979901F9-5F25-4DF1-95A8-32473C55B25F@gmail.com>

My apologies, I have been replying to all, I hope that is the correct method.

Anyway, that is very interesting information. I'd be extremely interested in
information on customizing malloc and jemalloc. Let me know where to start.

Thanks!

JW

On Sep 11, 2013, at 7:35 PM, John-Mark Gurney wrote:

> Jonathon Wright wrote this message on Wed, Sep 11, 2013 at 14:15 -1000:
>> I have posted this question (username-scryptkiddy) in the forums:
>> http://forums.freebsd.org/showthread.php?t=41875
>> but was suggested to bring it here to the mailing list for discussion.
>>
>> Basically, FreeBSD 8.3 (64bit) is what we use in our shop. We were
>> inspected by a security team and they had issues with FreeBSD's memory
>> management.
>>
>> Namely the transient memory and object reuse areas of FreeBSD. They claimed
>> that FreeBSD did not have a Common Criteria (EAL1-4) evaluation completed,
>> and therefore was vulnerable to the Transient memory problem.
>
> Any system that uses malloc will have difficulties with this as most
> versions of free will not zero out the memory... You could make
> modifications to kernel malloc to always zero memory on free, and turn on
> the junk feature of jemalloc and that could possibly close this issue
> for them...
>
>> Our higher ups need some sort of documentation / testing that can be used
>> to counter this, since changing Operating Systems is not something we have
>> time / manpower to do, but might have to based on this supposed 'finding'.
>>
>> The post has all the details. Let me know if I need to repost in this as well.
>
> I know that FreeBSD 4.7 and 4.9 have been EAL3 certified. I worked for
> nCircle a number of years ago, and they got their products EAL3
> certified.
>
> Link:
> http://www.commoncriteriaportal.org:80/files/epfiles/nCircle%20CR%20v1.0.pdf
>
> It is possible someone else has received certification on a newer version,
> but I'm not aware of any at this time...
>
> --
> John-Mark Gurney Voice: +1 415 225 5579
>
> "All that I will do, has been done, All that I have, has not."
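
An added illustration of the object-reuse point raised in the quoted reply (not part of the original thread and not FreeBSD or jemalloc code): a toy fixed-size pool shows the previous owner's data surviving a plain free, and being gone after zero-on-free or a junk fill. The pool and the names `pool_alloc`, `pool_free` and `secret_survives_reuse` are hypothetical, and the secret string is constructed.

```c
#include <stdio.h>
#include <string.h>
#define BLOCK_SIZE 64
#define NBLOCKS 4
static unsigned char pool[NBLOCKS][BLOCK_SIZE]; /* toy pool standing in for an allocator */
static int in_use[NBLOCKS];

/* Overwrite via a volatile pointer so the stores cannot be optimised away. */
static void scrub(volatile unsigned char *v, unsigned char fill, size_t n)
{
    while (n--) *v++ = fill;
}

/* Hand out the first free block without clearing it, as malloc() does. */
void *pool_alloc(void)
{
    for (int i = 0; i < NBLOCKS; i++)
        if (!in_use[i]) { in_use[i] = 1; return pool[i]; }
    return NULL;
}

/* scrub_on_free=0: plain free(); 1: zero-on-free (0x00) or jemalloc-style junk (0x5a). */
void pool_free(void *p, int scrub_on_free, unsigned char fill)
{
    for (int i = 0; i < NBLOCKS; i++) {
        if (p != (void *)pool[i]) continue;
        if (scrub_on_free) scrub(pool[i], fill, BLOCK_SIZE);
        in_use[i] = 0;
    }
}

/* Returns 1 if the block's next owner can read the previous owner's data. */
int secret_survives_reuse(int scrub_on_free, unsigned char fill)
{
    static const char secret[] = "constructed-secret-0123";
    char *a = pool_alloc();
    if (!a) return -1;
    memcpy(a, secret, sizeof secret);
    pool_free(a, scrub_on_free, fill);
    char *b = pool_alloc();               /* same block, new owner */
    int leaked = b && memcmp(b, secret, sizeof secret) == 0;
    pool_free(b, 1, 0x00);                /* leave the pool clean for the next call */
    return leaked;
}

int main(void)
{
    printf("plain free leaks: %d\n", secret_survives_reuse(0, 0x00));
    printf("zero-on-free leaks: %d\n", secret_survives_reuse(1, 0x00));
}
```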