On Wed, Nov 07, 2012 at 01:36:55PM +0100, Dag-Erling Sm??rgrav wrote:
> Konstantin Belousov writes:
> > It is definitely not a security issue.
>
> I disagree. There may be legitimate reasons for root to create an md
> and give read access to an unprivileged user, under the assumption that
> it i
On Wed, Nov 07, 2012 at 02:14:36PM +0100, Paul Schenkeveld wrote:
> On Wed, Nov 07, 2012 at 06:03:46PM +1100, Dewayne Geraghty wrote:
> > An excellent example of where swap shouldn't be used. It isn't the use of
> > the swap file that is the issue, it is how the output of
> > using swap is used.
On Wed, Nov 07, 2012 at 06:03:46PM +1100, Dewayne Geraghty wrote:
> An excellent example of where swap shouldn't be used. It isn't the use of
> the swap file that is the issue, it is how the output of
> using swap is used. PHK was right in his advice to not use swap.
>
> Good catch, nanobsd.sh
An excellent example of where swap shouldn't be used. It isn't the use of the
swap file that is the issue, it is how the output of
using swap is used. PHK was right in his advice to not use swap.
Good catch, nanobsd.sh should be changed.
___
freebsd-
Paul,
This is akin to dd if=/dev/ada0s1b of=/tmp/File
Where ada01b is the swap partition and then reading through the output. Its
really nothing to be concerned about, and not worth
zeroing the page for :)
Regards, Dewayne.
___
freebsd-security@freeb
Konstantin Belousov writes:
> It is definitely not a security issue.
I disagree. There may be legitimate reasons for root to create an md
and give read access to an unprivileged user, under the assumption that
it is zeroed; or to allow root in a jail to create mds.
> That said, the following pa
On Tue, Nov 06, 2012 at 09:27:04PM +0200, Konstantin Belousov wrote:
> On Tue, Nov 06, 2012 at 07:46:58PM +0100, Paul Schenkeveld wrote:
> > Hi,
> >
> > When creating a swap based md(4) it may contain data which to me feels
> > like a security leak:
> >
> > # mdconfig -a -t swap -s 1m
> > md0
On Tue, Nov 06, 2012 at 07:46:58PM +0100, Paul Schenkeveld wrote:
> Hi,
>
> When creating a swap based md(4) it may contain data which to me feels
> like a security leak:
>
> # mdconfig -a -t swap -s 1m
> md0
> # hd /dev/md0
> c0 9b a8 00 08 00 00 00 00 5c 53 00 08 00 00 00
>
Hi,
When creating a swap based md(4) it may contain data which to me feels
like a security leak:
# mdconfig -a -t swap -s 1m
md0
# hd /dev/md0
c0 9b a8 00 08 00 00 00 00 5c 53 00 08 00 00 00 |À.¨..\S.|
0010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |
