Date: Tue, 7 Nov 2006 23:28:15 -0800 From: Wes Peters <wes@opensail.org> To: Alexander Leidinger <Alexander@leidinger.net> Cc: freebsd-security@freebsd.org Subject: Re: freebsd-security Digest, Vol 184, Issue 2 Message-ID: <1794F6F9-3F65-4771-ACF6-23D00101B72D@opensail.org> In-Reply-To: <20061108082233.agry96udb4k0sckk@webmail.leidinger.net> References: <20061104163000.30D2516A7A6@hub.freebsd.org> <0C344F30-40A1-4B08-A1C7-3F8CD536244D@opensail.org> <20061108082233.agry96udb4k0sckk@webmail.leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 7, 2006, at 11:22 PM, Alexander Leidinger wrote: > Quoting Wes Peters <wes@opensail.org> (from Tue, 7 Nov 2006 > 20:19:40 -0800): > >> --- /etc/rc.d/dmesg Sat May 6 21:00:26 2006 >> +++ dmesg Tue Nov 7 20:17:47 2006 >> @@ -19,8 +19,10 @@ >> do_dmesg() >> { >> - rm -f ${dmesg_file} >> + mv -f ${dmesg_file} ${dmesg_file}.prev >> ( umask 022 ; /sbin/dmesg $rc_flags > ${dmesg_file} ) >> + cmp -s ${dmesg_file} ${dmesg_file}.prev || \ >> + logger -p security.warn 'dmesg.boot changed from >> previous boot' >> } >> load_rc_config $name >> >> >> If you like that, I'm willing to discuss it further, and/or commit it >> and let the howling tell if it's a keeper or not. ;^) > > Did you try this? I didn't, but I would expect to see this message > _every time_ (because of minor timecounter rate changes). Yes, but only once, and then forced a change by re-running it. Maybe I just got 'lucky.' Feel free to suggest 'better' tests, or parts to throw out of dmesg.boot before the test. -- Where am I, and what am I doing in this handbasket? Wes Peters wes@softweyr.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1794F6F9-3F65-4771-ACF6-23D00101B72D>