From owner-freebsd-questions@freebsd.org Sat Oct 24 05:08:55 2015 Return-Path: Delivered-To: freebsd-questions@mailman.ysv.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:1900:2254:206a::19:1]) by mailman.ysv.freebsd.org (Postfix) with ESMTP id 75EA0A1C9B9 for ; Sat, 24 Oct 2015 05:08:55 +0000 (UTC) (envelope-from erichsfreebsdlist@alogt.com) Received: from alogt.com (alogt.com [69.36.191.58]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (Client did not present a certificate) by mx1.freebsd.org (Postfix) with ESMTPS id 522FA17FD for ; Sat, 24 Oct 2015 05:08:55 +0000 (UTC) (envelope-from erichsfreebsdlist@alogt.com) DKIM-Signature: v=1; a=rsa-sha256; q=dns/txt; c=relaxed/relaxed; d=alogt.com; s=default; h=Content-Transfer-Encoding:Content-Type:MIME-Version:References: In-Reply-To:Message-ID:Subject:To:From:Date; bh=HqY9fdngXC9/K/HFatDZ5TMaQfrxVSGYMSqw+HmfmKE=; b=W4vb7HDWcXUNKAJhk7/1HV+bTn wIm1+EhaFY7x/A84E8we6sPoHT0pWASBnA8kWvpKNAl2XhUnlYBZB2LZano4Zfpl5hKZ0yqWzKUEB aDsjomv8CL2hbiqmu8ShRsm7J/OpQgX/qDWfWlP3wMtGLvA+MS2WCU7e6VDwwP2/jH18=; Received: from [114.121.157.99] (port=61027 helo=X220.alogt.com) by sl-508-2.slc.westdc.net with esmtpsa (TLSv1.2:AES128-GCM-SHA256:128) (Exim 4.86) (envelope-from ) id 1Zpr4X-001acj-4y for freebsd-questions@freebsd.org; Fri, 23 Oct 2015 23:08:53 -0600 Date: Sat, 24 Oct 2015 13:08:48 +0800 From: Erich Dollansky To: freebsd-questions@freebsd.org Subject: Re: replace uname -a informational string Message-ID: <20151024130848.0a7e946f@X220.alogt.com> In-Reply-To: <1445658972.13154.44.camel@michaeleichorn.com> References: <20151023090805.5484ce9b@freyja.zeit4.iv.bundesimmobilien.de> <1445622325.1169.29.camel@michaeleichorn.com> <20151023225424.49220466.ohartman@zedat.fu-berlin.de> <20151024080936.0ff26783@X220.alogt.com> <1445658972.13154.44.camel@michaeleichorn.com> MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit X-AntiAbuse: This header was added to track abuse, please include it with any abuse report X-AntiAbuse: Primary Hostname - sl-508-2.slc.westdc.net X-AntiAbuse: Original Domain - freebsd.org X-AntiAbuse: Originator/Caller UID/GID - [47 12] / [47 12] X-AntiAbuse: Sender Address Domain - alogt.com X-Get-Message-Sender-Via: sl-508-2.slc.westdc.net: authenticated_id: erichsfreebsdlist@alogt.com X-Authenticated-Sender: sl-508-2.slc.westdc.net: erichsfreebsdlist@alogt.com X-Source: X-Source-Args: X-Source-Dir: X-BeenThere: freebsd-questions@freebsd.org X-Mailman-Version: 2.1.20 Precedence: list List-Id: User questions List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 24 Oct 2015 05:08:55 -0000 Hi, On Fri, 23 Oct 2015 23:56:12 -0400 "Michael B. Eichorn" wrote: > On Sat, 2015-10-24 at 08:09 +0800, Erich Dollansky wrote: > > On Fri, 23 Oct 2015 22:54:24 +0200 > > "O. Hartmann" wrote: > > > Am Fri, 23 Oct 2015 13:45:25 -0400 > > > "Michael B. Eichorn" schrieb: > > > Because it is not only the hostname, uname reveals the target > > > host, date and OS version. > > > > > > In our case, the image ist built on a dedicated host for a > > > security appliabce based on NanoBSD and I'd like to hide the OS > > > type, the OS name, the build box' name and the build date. > > > > > why not replace uname at the source level then? > > That wouldn't hide the information in any substantial way. Uname is > basically an abstraction of a subset of sysctls. As such, the > information is integral to the kernel itself. Uname is just one of > many tools that can be used to display this information. > > Fundamentally the kernel itself needs to be changed not uname. we have too little information what would be sufficient for him as we do not know from whom he wants to hide this. I do not believe that serious hackers would use uname to identify the target. As somebody else has mentioned, changing the copyright notice in the kernel would have a legal impact. Erich