From owner-freebsd-bugs  Wed Jan 12  6:30: 9 2000
Delivered-To: freebsd-bugs@freebsd.org
Received: from freefall.freebsd.org (freefall.FreeBSD.ORG [204.216.27.21])
	by hub.freebsd.org (Postfix) with ESMTP id 06EBA15464
	for <freebsd-bugs@FreeBSD.org>; Wed, 12 Jan 2000 06:30:05 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.9.3/8.9.2) id GAA35639;
	Wed, 12 Jan 2000 06:30:04 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Date: Wed, 12 Jan 2000 06:30:04 -0800 (PST)
Message-Id: <200001121430.GAA35639@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Daniel Hagan <dhagan@cs.vt.edu>
Subject: Re: bin/4238 - chpass time delay sensitivity [PATCH] 
Reply-To: Daniel Hagan <dhagan@cs.vt.edu>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.org

The following reply was made to PR bin/4238; it has been noted by GNATS.

From: Daniel Hagan <dhagan@cs.vt.edu>
To: Peter Wemm <peter@netplex.com.au>
Cc: freebsd-gnats-submit@FreeBSD.org
Subject: Re: bin/4238 - chpass time delay sensitivity [PATCH] 
Date: Wed, 12 Jan 2000 09:26:11 -0500 (EST)

 On Wed, 12 Jan 2000, Peter Wemm wrote:
 
 > Just as a by-the-way, this won't work on a system with a raised securelevel
 > which will prevent the time being set backwards.  So don't make it a fatal
 > error if the time cannot be set.  Or, if it fails to set back, sleep for a
 > second instead...  Or even do a while loop waiting for the current time to
 > tick over to the next second and be later than the time on the file (again
 > using usleep or something for a 1/10th of a second sleep interval).
 > 
 > The sure-fire way to detect an edit is to do a md5 of the file.  There's
 > quite a few examples of code to do this sort of thing around the tree (ie:
 > taking the md5 checksum).  Then compare a before-and-after checksum.
 
 I have no problem writing the code to do a md5 sum.  I didn't realize the
 effects of secure-levels here, so it probably makes sense to move to the
 checksum method.  I'll try to do a rewrite over the next couple of days.
 
 Daniel
 
 -- 
 Daniel Hagan                                             Computer Science CSE
 dhagan@cs.vt.edu                                http://www.cs.vt.edu/~dhagan/
 
 


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message