Skip site navigation (1)Skip section navigation (2)
Date:      Thu, 20 Nov 2008 17:39:36 +1100
From:      Peter Jeremy <peterjeremy@optushome.com.au>
To:        Jeremy Chadwick <koitsu@freebsd.org>
Cc:        FreeBSD Hackers <freebsd-hackers@freebsd.org>
Subject:   Re: [Testers wanted] /dev/console cleanups
Message-ID:  <20081120063936.GU51761@server.vk2pj.dyndns.org>
In-Reply-To: <20081119104731.GA83366@icarus.home.lan>
References:  <e71790db0810271936r1ce4619an1d64c6aae62c3ec1@mail.gmail.com> <20081028081154.GQ6808@hoeg.nl> <20081118213410.GA81783@hoeg.nl> <20081118214919.GM83287@bunrab.catwhisker.org> <7d6fde3d0811190202p4f6d8941h3932b70b8fe1a93a@mail.gmail.com> <20081119104731.GA83366@icarus.home.lan>

next in thread | previous in thread | raw e-mail | index | archive | help

--oOpJzULQ70+PGW7h
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On 2008-Nov-19 02:47:31 -0800, Jeremy Chadwick <koitsu@freebsd.org> wrote:
>There's a known "issue" with the kernel message buffer though: it's not
>NULL'd out upon reboot.

This is deliberate.  If the system panics, stuff that was in the
message buffer (and might not be on disk) can be read when the system
reboots.  If there is no crashdump, this might be the only record of
what happened.

>  Meaning, in some cases (depends on the BIOS or
>system), the kernel message buffer from single-user mode is retained
>even after a reboot!  A user can then do "dmesg" and see all the nifty
>stuff you've done during single-user, which could include unencrypted
>passwords if mergemaster was tinkering with passwd/master.passwd, etc..

There shouldn't be unencrypted passwords, though there might be encrypted
passwords visible.

>Rink Springer created a patch where the kernel message buffer will start
>with NULL to keep this from happening, but it needs to be made into a
>loader.conf tunable.

I hope that never gets committed - it will make debugging kernel
problems much harder.  There is already a kern.msgbuf_clear sysctl and
maybe people who are concerned about msgbuf leakage need to learn to
use it.

--=20
Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement
an MTA that is either RFC2821-compliant or matches their claimed behaviour.

--oOpJzULQ70+PGW7h
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.9 (FreeBSD)

iEYEARECAAYFAkklBigACgkQ/opHv/APuIfe7gCgwE65CL/NlY1YY3rY/WYN5FcM
aYMAnRTfUD4o8FPXAjDX5jNaLj00iOlN
=z8z3
-----END PGP SIGNATURE-----

--oOpJzULQ70+PGW7h--



Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081120063936.GU51761>