From owner-freebsd-security@FreeBSD.ORG Fri Aug 27 11:51:09 2004 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 6A28616A4CE for ; Fri, 27 Aug 2004 11:51:09 +0000 (GMT) Received: from Neo-Vortex.Ath.Cx (203-217-81-134.dyn.iinet.net.au [203.217.81.134]) by mx1.FreeBSD.org (Postfix) with ESMTP id 0540143D53 for ; Fri, 27 Aug 2004 11:51:08 +0000 (GMT) (envelope-from root@Neo-Vortex.Ath.Cx) Received: from localhost.Neo-Vortex.got-root.cc (Neo-Vortex@localhost.Neo-Vortex.got-root.cc [127.0.0.1]) by Neo-Vortex.Ath.Cx (8.12.10/8.12.10) with ESMTP id i7RBp40p095974; Fri, 27 Aug 2004 21:51:05 +1000 (EST) (envelope-from root@Neo-Vortex.Ath.Cx) Date: Fri, 27 Aug 2004 21:51:04 +1000 (EST) From: Neo-Vortex To: Anton Alin-Adrian In-Reply-To: <412F13AB.6050801@spintech.ro> Message-ID: <20040827214909.K95897@Neo-Vortex.Ath.Cx> References: <20040827002100.GB653@vista.netmemetic.com> <20040827154731.G78094@Neo-Vortex.Ath.Cx> <20040827200714.C90788@Neo-Vortex.Ath.Cx> <412F13AB.6050801@spintech.ro> MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII cc: freebsd-security@freebsd.org Subject: Re: ipfw core dump X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Fri, 27 Aug 2004 11:51:09 -0000 On Fri, 27 Aug 2004, Anton Alin-Adrian wrote: > Neo-Vortex wrote: > > On Fri, 27 Aug 2004, Anton Alin-Adrian wrote: > > > > > >>Yes, it would be nice if you could also attach the ipfw.core file. > > > > > > he he, you think hes stupid? core files can contain sensative > > information... also it would be pointless unless we had the exact same > > binary as he had with the same libraries (well, not entirely pointless, > > but easier for him to do it :P) > > > > > > No i was not thinking of anything unethical. He could have inspected the > .core file before sending it. Yes, but say he didnt... and not neccessairly you, but anyone who is subscribed to these forums... > > However, I doubt an ipfw core file would contain sensitive information > (like passwords and etc). What could it contain, the ACL? The ACL is not > secret and who cares anyway? if it is indeed backdoor'd who knows what it could be accessing at the time? > > I'm just interested in possible firewall bugs. yes, but it would be easier to get him to load up gdb and do a backtrace on it as for the whole same version of file and libraries thing... > > Yours, > -- > Alin-Adrian Anton > Spintech Systems > GPG keyID 0x1E2FFF2E (2963 0C11 1AF1 96F6 0030 6EE9 D323 639D 1E2F FF2E) > gpg --keyserver pgp.mit.edu --recv-keys 1E2FFF2E > _______________________________________________ > freebsd-security@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-security > To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org" >