On Tue, Nov 06, 2012 at 09:27:04PM +0200, Konstantin Belousov wrote:
> On Tue, Nov 06, 2012 at 07:46:58PM +0100, Paul Schenkeveld wrote:
> > Hi,
> >
> > When creating a swap based md(4) it may contain data which to me feels
> > like a security leak:
> >
> > # mdconfig -a -t swap -s 1m
> > md0
> > # hd /dev/md0
> > 00000000  c0 9b a8 00 08 00 00 00  00 5c 53 00 08 00 00 00  |?.?......\S.....|
> > 00000010  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
> > *
> > 00000250  38 9f a8 00 08 00 00 00  00 5c 53 00 08 00 00 00  |8.?......\S.....|
> > 00000260  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
> > *
> > 00000330  88 a0 a8 00 08 00 00 00  00 5c 53 00 08 00 00 00  |.?......\S.....|
> > 00000340  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
> > *
> > 00000370  e8 a0 a8 00 08 00 00 00  00 5c 53 00 08 00 00 00  |??......\S.....|
> > 00000380  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
> > *
> > 000005b0  48 a4 a8 00 08 00 00 00  00 5c 53 00 08 00 00 00  |H??......\S.....|
> > 000005c0  00 00 00 00 00 00 00 00  00 00 00 00 00 00 00 00  |................|
> > *
> > ^C
> > # ls -l /dev/md0
> > crw-r----- 1 root operator 0xc8 Nov 6 19:42 /dev/md0
> > #
> >
> > Although not world-readable, it just doesn't feel right to me.
> >
> > Any thoughts?
>
> It is definitely not a security issue. The md device is not user-accessible,
> as you noted. A filesystem run over the device needs to ensure that user
> processes never get on-disk garbage without first initializing the blocks.

What about this scenario:

- Root uses nanobsd.sh to make an image
- The .conf file has NANO_MD_BACKING="swap" (I believe phk@ was against
  this feature but it is in nanobsd.sh now)
- Root places the image on a public FTP site and this way exposes swap data.

-- 
Paul Schenkeveld
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscr...@freebsd.org"
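
An added example, not part of the mailing-list thread and not code from nanobsd.sh: one way to check a freshly created device or image for leftover non-zero bytes, as the `hd` output above does by eye, and to zero it before a filesystem is built on it. The function names are hypothetical, and the target is assumed to be a sector-aligned device or image file (on FreeBSD, the new /dev/mdN).

```shell
#!/bin/sh
# Added example, not from the thread. TARGET is a device node or an image file.
# Assumption: run against the new device before newfs or any image build step.

# Print the number of non-zero bytes in TARGET (0 means nothing stale is visible).
count_nonzero() {
    tr -d '\000' < "$1" | wc -c | tr -d '[:space:]'
}

# Overwrite TARGET with zeros in place, then verify by reading it back.
# Returns 0 only if the read-back contains no non-zero byte.
scrub() {
    target=$1
    size=$(wc -c < "$target" | tr -d '[:space:]') || return 1
    sectors=$((size / 512))
    if [ "$((sectors * 512))" -ne "$size" ]; then
        echo "$target: size $size is not a multiple of 512" >&2
        return 1
    fi
    # conv=notrunc keeps an image file at its original length.
    dd if=/dev/zero of="$target" bs=512 count="$sectors" conv=notrunc \
        2>/dev/null || return 1
    [ "$(count_nonzero "$target")" -eq 0 ]
}

# Report on TARGET and scrub it only when stale data is present.
check_and_scrub() {
    n=$(count_nonzero "$1") || return 1
    if [ "$n" -eq 0 ]; then
        echo "$1: clean"
        return 0
    fi
    echo "$1: $n non-zero bytes before initialization, scrubbing"
    scrub "$1"
}

# Stand-alone use: sh scrub.sh /dev/md0
if [ "$#" -gt 0 ]; then
    check_and_scrub "$1"
fi
```

Run this before anything is written to the target, since it zeroes the whole device or file.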