>Number: 172661 >Category: misc >Synopsis: hostapd securing wireless adapter in HostAP mode is started >too late >Confidential: no >Severity: non-critical >Priority: low >Responsible: freebsd-bugs >State: open >Quarter: >Keywords: >Date-Required: >Class: change-request >Submitter-Id: current-users >Arrival-Date: Sat Oct 13 13:40:00 UTC 2012 >Closed-Date: >Last-Modified: >Originator: Boris Lytochkin >Release: 10.0-CURRENT >Organization: Yandex, LLC >Environment: FreeBSD gate.home 10.0-CURRENT FreeBSD 10.0-CURRENT #8: Sat Sep 29 06:31:21 MSK 2012 r...@gate.home:/usr/obj/usr/src/sys/GATEv2 i386
>Description: hostupd rc-script is scheduled for running in a trail of rc-scripts thus it should run as much close to netif as possible: if one is using wireless adapter in hostap mode, nnetif configures it into this mode BUT with no security applied. The interval between netif and hostapd launches this wireless network runs unsecured. >How-To-Repeat: Configure wlan0 into hostap mode, configure hostapd. Reboot machine and observe your wireless network running without any security for 30-40 seconds or even couple of minutes. >Fix: 1) hostapd should be inserted into NETWORKING REQUIRE record. 2) netif should be inserted into hostapd REQUIRE record. This will significantly reduce period of unsecured wireless network running though not eliminating it totally. Another approach is to introduce hostapd_ifaces variable and controlling wireless interface UP/DOWN state from rc-script. Ideally both of approaches should be implemented. >Release-Note: >Audit-Trail: >Unformatted: _______________________________________________ freebsd-bugs@freebsd.org mailing list http://lists.freebsd.org/mailman/listinfo/freebsd-bugs To unsubscribe, send any mail to "freebsd-bugs-unsubscr...@freebsd.org"
