Date: Wed, 12 Jan 2000 06:30:04 -0800 (PST) From: Daniel Hagan <dhagan@cs.vt.edu> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/4238 - chpass time delay sensitivity [PATCH] Message-ID: <200001121430.GAA35639@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/4238; it has been noted by GNATS. From: Daniel Hagan <dhagan@cs.vt.edu> To: Peter Wemm <peter@netplex.com.au> Cc: freebsd-gnats-submit@FreeBSD.org Subject: Re: bin/4238 - chpass time delay sensitivity [PATCH] Date: Wed, 12 Jan 2000 09:26:11 -0500 (EST) On Wed, 12 Jan 2000, Peter Wemm wrote: > Just as a by-the-way, this won't work on a system with a raised securelevel > which will prevent the time being set backwards. So don't make it a fatal > error if the time cannot be set. Or, if it fails to set back, sleep for a > second instead... Or even do a while loop waiting for the current time to > tick over to the next second and be later than the time on the file (again > using usleep or something for a 1/10th of a second sleep interval). > > The sure-fire way to detect an edit is to do a md5 of the file. There's > quite a few examples of code to do this sort of thing around the tree (ie: > taking the md5 checksum). Then compare a before-and-after checksum. I have no problem writing the code to do a md5 sum. I didn't realize the effects of secure-levels here, so it probably makes sense to move to the checksum method. I'll try to do a rewrite over the next couple of days. Daniel -- Daniel Hagan Computer Science CSE dhagan@cs.vt.edu http://www.cs.vt.edu/~dhagan/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200001121430.GAA35639>