From owner-freebsd-current Tue Nov 13 14:27:45 2001
Delivered-To: freebsd-current@freebsd.org
Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by hub.freebsd.org (Postfix) with ESMTP id 1414237B416; Tue, 13 Nov 2001 14:27:40 -0800 (PST)
Received: from fledge.watson.org (ak82hjs7hex92j@fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.11.6/8.11.5) with SMTP id fADMRRB55115; Tue, 13 Nov 2001 17:27:27 -0500 (EST) (envelope-from robert@fledge.watson.org)
Date: Tue, 13 Nov 2001 17:27:26 -0500 (EST)
From: Robert Watson
X-Sender: robert@fledge.watson.org
To: John Baldwin
Cc: Alexander Leidinger, current@FreeBSD.org, "Crist J. Clark"
Subject: Re: daily run output & passwd diff
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-current@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On Tue, 13 Nov 2001, John Baldwin wrote:

> > My temptation would actually be to ignore any commented lines in either
> > file for the purposes of the diff.  For the purposes of security checking,
> > you care mostly about the uncommented lines.  This would allow the script
> > to exclude content when it didn't understand its semantics (and hence
> > might risk revealing information it wasn't intended to).
>
> So if some (admittedly weird) sysadmin temporarily comments out a
> password line then the next day we will broadcast that crypted password
> in plaintext e-mail?

Not sure I follow.  I was suggesting that any line beginning with '#' be
excluded from the diffing, since the script can't know if information in
the comment is sensitive or not, and therefore can't censor it.
I.e., the conceptual equivalent of:

    grep -v '^#' master.passwd > master.passwd.tmp
    grep -v '^#' master.passwd.bak > master.passwd.bak.tmp
    diff -u master.passwd.bak.tmp master.passwd.tmp

If an entry was commented out, then uncommented, then both events would
show up, just as removal/addition.  I could be missing something, of
course :-).

Robert N M Watson             FreeBSD Core Team, TrustedBSD Project
robert@fledge.watson.org      NAI Labs, Safeport Network Services

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
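The two concerns raised in the exchange above, a comment line whose contents the script cannot judge and a crypted password that ends up in plain-text mail, can both be handled before the diff is taken: drop comment lines, then mask the password field of every remaining record. The script below is an added example written for this page; it is neither the FreeBSD daily security script nor code from the message. The snapshot names master.passwd / master.passwd.bak, the "(password)" marker, the helper names, and every record and hash in write_samples are assumptions constructed for the example.

```sh
#!/bin/sh
# Added example, not the FreeBSD daily security script and not code from the
# thread: build a mailable report of master.passwd changes that
#   (a) ignores comment lines, whose contents the script cannot judge, and
#   (b) masks the crypted-password field, so a record that is added, removed,
#       or commented out and back in never puts a hash into e-mail.
# The snapshot names, the "(password)" marker and every record in
# write_samples are constructed for this example; the hashes are not real.

# Normalise one master.passwd-style file for comparison: drop comment lines
# ('#' in column 1) and replace field 2, the crypted password, with a fixed
# marker. Lines with fewer than two fields are passed through untouched so
# that a malformed entry still shows up in the diff.
sanitize_passwd() {
    grep -v '^#' "$1" | awk -F: -v OFS=: 'NF >= 2 { $2 = "(password)" } { print }'
}

# Print a unified diff of two sanitized snapshots (old first, new second).
# Always returns 0 so a periodic job running under 'set -e' is not aborted
# by diff's "files differ" status; callers can test for empty output.
passwd_diff() {
    old_tmp=$(mktemp) || return 2
    new_tmp=$(mktemp) || { rm -f "$old_tmp"; return 2; }
    sanitize_passwd "$1" > "$old_tmp"
    sanitize_passwd "$2" > "$new_tmp"
    diff -u -L "${1##*/}" -L "${2##*/}" "$old_tmp" "$new_tmp" || true
    rm -f "$old_tmp" "$new_tmp"
}

# Masking hides a real change: a user whose hash was replaced looks
# identical in both sanitized snapshots. Report those users by name only,
# comparing field 2 inside awk so neither hash is ever written out.
passwd_hash_changes() {
    awk -F: '
        FILENAME == ARGV[1] { if ($0 !~ /^#/ && NF >= 2) old[$1] = $2; next }
        $0 !~ /^#/ && NF >= 2 && ($1 in old) && old[$1] != $2 { print $1 }
    ' "$1" "$2"
}

# Constructed snapshots in master.passwd layout
# (name:password:uid:gid:class:change:expire:gecos:home:shell):
# alice's hash changes, bob's record is commented out, and a new comment
# line quotes bob's old hash, exactly the case the thread worries about.
write_samples() {
    cat > "$1/master.passwd.bak" <<'EOF'
# $FreeBSD$
root:$1$oldroothash$:0:0::0:0:Charlie &:/root:/bin/csh
alice:$1$aliceold$:1001:1001::0:0:Alice:/home/alice:/bin/sh
bob:$1$bobhash$:1002:1002::0:0:Bob:/home/bob:/bin/sh
EOF
    cat > "$1/master.passwd" <<'EOF'
# $FreeBSD$
# disabled bob on 2001-11-13; old hash was $1$bobhash$
root:$1$oldroothash$:0:0::0:0:Charlie &:/root:/bin/csh
alice:$1$alicenew$:1001:1001::0:0:Alice:/home/alice:/bin/sh
#bob:$1$bobhash$:1002:1002::0:0:Bob:/home/bob:/bin/sh
EOF
}

# Stand-alone demo: the first report carries only bob's removal with the
# password field masked; the second names alice without showing a hash.
run_demo() {
    dir=$(mktemp -d) || return 1
    write_samples "$dir"
    echo "== sanitized diff (what the daily mail would carry) =="
    passwd_diff "$dir/master.passwd.bak" "$dir/master.passwd"
    echo "== users whose crypted password changed (hashes withheld) =="
    passwd_hash_changes "$dir/master.passwd.bak" "$dir/master.passwd"
    rm -rf "$dir"
}

run_demo
```

Run it as `sh passwd_diff.sh`. Comment stripping alone, as proposed in the message, is what keeps the new "# disabled bob" line and its quoted hash out of the report; masking is what keeps the hash out when bob's real record is removed (or later restored). The cost of masking is that alice's password change becomes invisible in the diff, which is why the second pass compares the field inside awk and reports only the user name.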