From owner-freebsd-security@FreeBSD.ORG Fri Sep 13 21:27:40 2013 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [8.8.178.115]) (using TLSv1 with cipher ADH-AES256-SHA (256/256 bits)) (No client certificate requested) by hub.freebsd.org (Postfix) with ESMTP id 8C872758; Fri, 13 Sep 2013 21:27:40 +0000 (UTC) (envelope-from jhb@freebsd.org) Received: from bigwig.baldwin.cx (bigwig.baldwin.cx [IPv6:2001:470:1f11:75::1]) (using TLSv1 with cipher ADH-CAMELLIA256-SHA (256/256 bits)) (No client certificate requested) by mx1.freebsd.org (Postfix) with ESMTPS id 636F92564; Fri, 13 Sep 2013 21:27:40 +0000 (UTC) Received: from jhbbsd.localnet (unknown [209.249.190.124]) by bigwig.baldwin.cx (Postfix) with ESMTPSA id 61492B939; Fri, 13 Sep 2013 17:27:39 -0400 (EDT) From: John Baldwin To: freebsd-security@freebsd.org Subject: Re: FreeBSD Transient Memory problem? Date: Fri, 13 Sep 2013 17:03:40 -0400 User-Agent: KMail/1.13.5 (FreeBSD/8.4-CBSD-20130906; KDE/4.5.5; amd64; ; ) References: <20130913164718.GC33898@in-addr.com> In-Reply-To: MIME-Version: 1.0 Content-Type: Text/Plain; charset="iso-8859-1" Content-Transfer-Encoding: 7bit Message-Id: <201309131703.40685.jhb@freebsd.org> X-Greylist: Sender succeeded SMTP AUTH, not delayed by milter-greylist-4.2.7 (bigwig.baldwin.cx); Fri, 13 Sep 2013 17:27:39 -0400 (EDT) Cc: Gary Palmer , Jonathon Wright , John-Mark Gurney , Julian Elischer X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.14 Precedence: list List-Id: "Security issues \[members-only posting\]" List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 13 Sep 2013 21:27:40 -0000 On Friday, September 13, 2013 2:23:19 pm Jonathon Wright wrote: > Well stated Gary. > > I need to divulge more information it appears. The reason I'm unable to > effectively fight the semantic game, and not pay the auditors, etc. etc. is > because the auditors are the DoD. We work for a private company that's > contracted out to provide services to the DoD. But we still have to pass > their inspections. As you all know, the DoD does not exactly see things in > anything but black and white. > > So yes, my management is freaked out because the DoD auditors (paid for by > the DoD btw) are finding issues that we have to resolve to keep the > contract going. That's why my hands are tied. I'll give them credit though, > they are allowing me to demonstrate FreeBSD's capability in this manner by > providing documentation since FreeBSD does not have the cert. Thats the > first non-black and white auditor check I've seen in years. > > We have lots of time and efforts invested in our architecture which is > based on FreeBSD and thats why we're fighting to keep it, hence the start > of this post. > > Thanks again for all the insights, I'll keep ya up to date. We have another > month or so to work this, so we're still formulating an initial response. I think the sensible thing they are looking for is that new pages don't leak data between processes, not anything to do with malloc zeroing, etc. FreeBSD definitely does do this. However, the "right" answer is probably that you will have to pay to have the version of FreeBSD you are currently using audited. -- John Baldwin