From owner-freebsd-security  Wed Nov 17 17:25:48 1999
Delivered-To: freebsd-security@freebsd.org
Received: from kronos.alcnet.com (kronos.alcnet.com [63.69.28.22])
	by hub.freebsd.org (Postfix) with ESMTP id 0541415073
	for <freebsd-security@FreeBSD.ORG>; Wed, 17 Nov 1999 17:25:46 -0800 (PST)
	(envelope-from kbyanc@posi.net)
X-Provider: ALC Communications, Inc.  http://www.alcnet.com/
Received: from localhost (kbyanc@localhost)
	by kronos.alcnet.com (8.9.3/8.9.3/antispam) with ESMTP id UAA18512;
	Wed, 17 Nov 1999 20:25:43 -0500 (EST)
Date: Wed, 17 Nov 1999 20:25:43 -0500 (EST)
From: Kelly Yancey <kbyanc@posi.net>
X-Sender: kbyanc@kronos.alcnet.com
To: Warner Losh <imp@village.org>
Cc: freebsd-security@FreeBSD.ORG
Subject: Re: kernel stack contents visible from userland 
In-Reply-To: <199911172221.PAA19404@harmony.village.org>
Message-ID: <Pine.BSF.4.05.9911172021110.18418-100000@kronos.alcnet.com>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII
Sender: owner-freebsd-security@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

On Wed, 17 Nov 1999, Warner Losh wrote:

> These patches look good.  I wonder if there might be an easier way to
> accomplish this.  I don't see anything here that is a security risk,
> per se, since most of the stat struct is always filled in before the
> copyout.  Which fields in stat are not explicitly used?  I would have
> expected them all to be filled in in all cases.  It would likely be
> faster to just wonk on st_lspare and st_qspare[2] in cvstat...
> 

  I wrote new patches which were less intrusive and only cleared the spare
fields rather than bzero'ing the entire structure. I've submitted the
patches with PR kern/14966.

  On a related note, these patches still solve my original problem of
being able to compare stat structures. I found that, at least on
FreeBSD/i386, I can reliably memcmp() two stat structures and determine
when a file's status has changed (even on filesystems without ctime). All
is right in the world. :)

  Thanks for the feedback,

  Kelly

--
Kelly Yancey  -  kbyanc@posi.net  -  Richmond, VA
Director of Technical Services, ALC Communications  http://www.alcnet.com/
Maintainer, BSD Driver Database       http://www.posi.net/freebsd/drivers/
Coordinator, Team FreeBSD        http://www.posi.net/freebsd/Team-FreeBSD/



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message