Message-ID: <5233CCB6.9010205@freebsd.org>
Date: Sat, 14 Sep 2013 10:40:54 +0800
From: Julian Elischer
To: John Baldwin
Subject: Re: FreeBSD Transient Memory problem?
Cc: Gary Palmer, freebsd-security@freebsd.org, John-Mark Gurney, Jonathon Wright

On 9/14/13 5:03 AM, John Baldwin wrote:
> On Friday, September 13, 2013 2:23:19 pm Jonathon Wright wrote:
>> Well stated Gary.
>>
>> I need to divulge more information it appears. The reason I'm unable to
>> effectively fight the semantic game, and not pay the auditors, etc. etc. is
>> because the auditors are the DoD. We work for a private company that's
>> contracted out to provide services to the DoD. But we still have to pass
>> their inspections. As you all know, the DoD does not exactly see things in
>> anything but black and white.
>>
>> So yes, my management is freaked out because the DoD auditors (paid for by
>> the DoD btw) are finding issues that we have to resolve to keep the
>> contract going. That's why my hands are tied. I'll give them credit though,
>> they are allowing me to demonstrate FreeBSD's capability in this manner by
>> providing documentation since FreeBSD does not have the cert. That's the
>> first non-black and white auditor check I've seen in years.
>>
>> We have lots of time and efforts invested in our architecture which is
>> based on FreeBSD and that's why we're fighting to keep it, hence the start
>> of this post.
>>
>> Thanks again for all the insights, I'll keep ya up to date. We have another
>> month or so to work this, so we're still formulating an initial response.
> I think the sensible thing they are looking for is that new pages don't leak
> data between processes, not anything to do with malloc zeroing, etc. FreeBSD
> definitely does do this. However, the "right" answer is probably that you
> will have to pay to have the version of FreeBSD you are currently using
> audited.

This will probably be a lot cheaper than changing to Linux at this point.