Date: Thu, 21 May 2009 19:24:22 +0300 From: Kostik Belousov <kostikbel@gmail.com> To: Ed Schouten <ed@freebsd.org> Cc: svn-src-head@freebsd.org, svn-src-all@freebsd.org, src-committers@freebsd.org Subject: Re: svn commit: r192544 - head/sys/kern Message-ID: <20090521162422.GR1927@deviant.kiev.zoral.com.ua> In-Reply-To: <200905211619.n4LGJsDV071739@svn.freebsd.org> References: <200905211619.n4LGJsDV071739@svn.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
[-- Attachment #1 --] On Thu, May 21, 2009 at 04:19:54PM +0000, Ed Schouten wrote: > Author: ed > Date: Thu May 21 16:19:54 2009 > New Revision: 192544 > URL: http://svn.freebsd.org/changeset/base/192544 > > Log: > Add a new sysctl: kern.tty_inq_flush_secure. > > When enabled all TTY input queue buffers are zeroed when flushing or > closing the TTY. Because TTY input queues are also used to store filled > in passwords, this may be an interesting switch to enable for security > minded people. Why is this enabled by sysctl ? Such feature shall be unconditional if it has any value. > > Modified: > head/sys/kern/tty_inq.c > > Modified: head/sys/kern/tty_inq.c > ============================================================================== > --- head/sys/kern/tty_inq.c Thu May 21 16:18:45 2009 (r192543) > +++ head/sys/kern/tty_inq.c Thu May 21 16:19:54 2009 (r192544) > @@ -68,6 +68,9 @@ SYSCTL_ULONG(_kern, OID_AUTO, tty_inq_nf > static unsigned long ttyinq_nslow = 0; > SYSCTL_ULONG(_kern, OID_AUTO, tty_inq_nslow, CTLFLAG_RD, > &ttyinq_nslow, 0, "Buffered reads to userspace on input"); > +static int ttyinq_flush_secure = 0; > +SYSCTL_INT(_kern, OID_AUTO, tty_inq_flush_secure, CTLFLAG_RW, > + &ttyinq_flush_secure, 0, "Zero buffers while flushing"); > > #define TTYINQ_QUOTESIZE (TTYINQ_DATASIZE / BMSIZE) > #define BMSIZE 32 > @@ -376,28 +379,19 @@ ttyinq_findchar(struct ttyinq *ti, const > void > ttyinq_flush(struct ttyinq *ti) > { > + struct ttyinq_block *tib = ti->ti_lastblock; > > ti->ti_begin = 0; > ti->ti_linestart = 0; > ti->ti_reprint = 0; > ti->ti_end = 0; > -} > - > -#if 0 > -void > -ttyinq_flush_safe(struct ttyinq *ti) > -{ > - struct ttyinq_block *tib; > - > - ttyinq_flush(ti); > > - /* Zero all data in the input queue to make it more safe */ > - TAILQ_FOREACH(tib, &ti->ti_list, tib_list) { > - bzero(&tib->tib_quotes, sizeof tib->tib_quotes); > - bzero(&tib->tib_data, sizeof tib->tib_data); > + /* Zero all data in the input queue to get rid of passwords. */ > + if (ttyinq_flush_secure) { > + for (tib = ti->ti_firstblock; tib != NULL; tib = tib->tib_next) > + bzero(&tib->tib_data, sizeof tib->tib_data); > } > } > -#endif > > int > ttyinq_peekchar(struct ttyinq *ti, char *c, int *quote) [-- Attachment #2 --] -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.4.9 (FreeBSD) iEYEARECAAYFAkoVgDYACgkQC3+MBN1Mb4glpwCbBx7y1pO7YQ28JZnL7crcrT1h c18AoLceQ5PuiCRQ3LKV0yx7OhWxltWo =wKK+ -----END PGP SIGNATURE-----
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20090521162422.GR1927>