From owner-freebsd-security@FreeBSD.ORG Tue Nov 4 17:28:31 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id C342216A4CF for ; Tue, 4 Nov 2003 17:28:31 -0800 (PST) Received: from smtp0.adl1.internode.on.net (smtp0.adl1.internode.on.net [203.16.214.194]) by mx1.FreeBSD.org (Postfix) with ESMTP id 3C55843FDF for ; Tue, 4 Nov 2003 17:28:28 -0800 (PST) (envelope-from kim.needham@rocksoft.com) Received: from Lappy.rocksoft.com (eth1083.sa.adsl.internode.on.net [150.101.233.58])hA51SQPu054475; Wed, 5 Nov 2003 11:58:26 +1030 (CST) Message-Id: <5.2.0.9.0.20031105114806.00b34b98@mail.chariot.net.au> X-Sender: kim@mail.rocksoft.com (Unverified) X-Mailer: QUALCOMM Windows Eudora Version 5.2.0.9 Date: Wed, 05 Nov 2003 11:58:21 +1030 To: "Robert Collins" From: Kim Needham In-Reply-To: <4529.141.149.242.190.1067993236.squirrel@mail.hwi.buffalo. edu> References: <20031104180932.GA70958@rot13.obsecurity.org> <001901c3a2de$7ab72c10$6855cd80@dhcp.hwi.buffalo.edu> <20031104180932.GA70958@rot13.obsecurity.org> Mime-Version: 1.0 Content-Type: text/plain; charset="us-ascii"; format=flowed X-Mailman-Approved-At: Wed, 05 Nov 2003 03:35:15 -0800 cc: freebsd-security@freebsd.org Subject: Re: Veractiy and FreeBSD X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 05 Nov 2003 01:28:31 -0000 This is caused by a check that determines if the /proc filesystem is on the same device as the file being read to prevent reading in files of infinite length. Since FreeBSD 5.x seems to no longer use a mounted proc filesystem but proc is mounted on the root device, this check will need to be removed for FreeBSD 5.x. In theory you could remove the /proc directory though I have no idea what bad effects that will have, especially if you are using anything that runs in compatibility mode. (Someone more up to date with the changes to FreeBSD 5.x could inform you as to the problems this may cause) Otherwise we will have a new version shortly that will have this problem corrected. Kim Needham (kim.needham@rocksoft.com) Network Engineer, Rocksoft Limited. Ph: +61 8 8232 6262 Fax: +61 8 8232 6264 http://www.rocksoft.com/ Protect your files with Veracity data integrity: http://www.veracity.com/ > > On Tue, Nov 04, 2003 at 09:18:12AM -0500, Robert Collins wrote: > >> I'm trying to get veracity (http://www.rocksoft.com/veracity/), a > >> tripwire > >> replacement, working on FreeBSD 5.x. When I try and create a snapshot I > >> get > >> the following error for files sitting on my root partition: > >> > >> -- snip snip -- > >> > >> csh.logout > >> E: Error opening binary (B) stream of file > >> "/etc/csh.logout". > >> (OS error message="File is on the procfs (/proc) device."). > >> E: Could not obtain attribute B.md5 for this file. > >> > >> -- snip snip -- > >> > >> I've tried taking both PROCFS and PSEUDOFS out of the kernel, to no > >> avail. > >> Anyone have any other ideas? > > > > Talk to the authors? > > > >Kris, > >The last line of my e-mail was originally "Anyone have any other ideas >before I go back to trying to contact their non-existant technical >support?" But I figured I would be nice. :) > >I spoke to someone from rocksoft, but it's a long uninformative story. > >Thanks for the idea though. >-rcollins >_______________________________________________ >freebsd-security@freebsd.org mailing list >http://lists.freebsd.org/mailman/listinfo/freebsd-security >To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"