Date: Thu, 20 Nov 2008 17:39:36 +1100 From: Peter Jeremy <peterjeremy@optushome.com.au> To: Jeremy Chadwick <koitsu@freebsd.org> Cc: FreeBSD Hackers <freebsd-hackers@freebsd.org> Subject: Re: [Testers wanted] /dev/console cleanups Message-ID: <20081120063936.GU51761@server.vk2pj.dyndns.org> In-Reply-To: <20081119104731.GA83366@icarus.home.lan> References: <e71790db0810271936r1ce4619an1d64c6aae62c3ec1@mail.gmail.com> <20081028081154.GQ6808@hoeg.nl> <20081118213410.GA81783@hoeg.nl> <20081118214919.GM83287@bunrab.catwhisker.org> <7d6fde3d0811190202p4f6d8941h3932b70b8fe1a93a@mail.gmail.com> <20081119104731.GA83366@icarus.home.lan>
next in thread | previous in thread | raw e-mail | index | archive | help
--oOpJzULQ70+PGW7h Content-Type: text/plain; charset=us-ascii Content-Disposition: inline Content-Transfer-Encoding: quoted-printable On 2008-Nov-19 02:47:31 -0800, Jeremy Chadwick <koitsu@freebsd.org> wrote: >There's a known "issue" with the kernel message buffer though: it's not >NULL'd out upon reboot. This is deliberate. If the system panics, stuff that was in the message buffer (and might not be on disk) can be read when the system reboots. If there is no crashdump, this might be the only record of what happened. > Meaning, in some cases (depends on the BIOS or >system), the kernel message buffer from single-user mode is retained >even after a reboot! A user can then do "dmesg" and see all the nifty >stuff you've done during single-user, which could include unencrypted >passwords if mergemaster was tinkering with passwd/master.passwd, etc.. There shouldn't be unencrypted passwords, though there might be encrypted passwords visible. >Rink Springer created a patch where the kernel message buffer will start >with NULL to keep this from happening, but it needs to be made into a >loader.conf tunable. I hope that never gets committed - it will make debugging kernel problems much harder. There is already a kern.msgbuf_clear sysctl and maybe people who are concerned about msgbuf leakage need to learn to use it. --=20 Peter Jeremy Please excuse any delays as the result of my ISP's inability to implement an MTA that is either RFC2821-compliant or matches their claimed behaviour. --oOpJzULQ70+PGW7h Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v2.0.9 (FreeBSD) iEYEARECAAYFAkklBigACgkQ/opHv/APuIfe7gCgwE65CL/NlY1YY3rY/WYN5FcM aYMAnRTfUD4o8FPXAjDX5jNaLj00iOlN =z8z3 -----END PGP SIGNATURE----- --oOpJzULQ70+PGW7h--
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20081120063936.GU51761>