Date: Tue, 7 Nov 2006 23:28:15 -0800 From: Wes Peters <wes@opensail.org> To: Alexander Leidinger <Alexander@leidinger.net> Cc: freebsd-security@freebsd.org Subject: Re: freebsd-security Digest, Vol 184, Issue 2 Message-ID: <1794F6F9-3F65-4771-ACF6-23D00101B72D@opensail.org> In-Reply-To: <20061108082233.agry96udb4k0sckk@webmail.leidinger.net> References: <20061104163000.30D2516A7A6@hub.freebsd.org> <0C344F30-40A1-4B08-A1C7-3F8CD536244D@opensail.org> <20061108082233.agry96udb4k0sckk@webmail.leidinger.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Nov 7, 2006, at 11:22 PM, Alexander Leidinger wrote:
> Quoting Wes Peters <wes@opensail.org> (from Tue, 7 Nov 2006
> 20:19:40 -0800):
>
>> --- /etc/rc.d/dmesg Sat May 6 21:00:26 2006
>> +++ dmesg Tue Nov 7 20:17:47 2006
>> @@ -19,8 +19,10 @@
>> do_dmesg()
>> {
>> - rm -f ${dmesg_file}
>> + mv -f ${dmesg_file} ${dmesg_file}.prev
>> ( umask 022 ; /sbin/dmesg $rc_flags > ${dmesg_file} )
>> + cmp -s ${dmesg_file} ${dmesg_file}.prev || \
>> + logger -p security.warn 'dmesg.boot changed from
>> previous boot'
>> }
>> load_rc_config $name
>>
>>
>> If you like that, I'm willing to discuss it further, and/or commit it
>> and let the howling tell if it's a keeper or not. ;^)
>
> Did you try this? I didn't, but I would expect to see this message
> _every time_ (because of minor timecounter rate changes).
Yes, but only once, and then forced a change by re-running it. Maybe
I just got 'lucky.' Feel free to suggest 'better' tests, or parts to
throw out of dmesg.boot before the test.
--
Where am I, and what am I doing in this handbasket?
Wes Peters
wes@softweyr.com
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?1794F6F9-3F65-4771-ACF6-23D00101B72D>