security · Umbrella
Active · Public

Recent Activity

Aug 29 2023

markj added a comment to D41614: geli: fix setkey behavior on detached providers.

The change looks Okay to me but I wonder if we should separate the variable into two cached values, one for new and the other for !new.

When changing multiple providers at the same time, this would allow the library to cache both passphrases so the user doesn't have to enter them over and over again.

Aug 29 2023, 1:35 PM · security, secteam
delphij added a comment to D41614: geli: fix setkey behavior on detached providers.

The change looks Okay to me but I wonder if we should separate the variable into two cached values, one for new and the other for !new.

Aug 29 2023, 4:03 AM · security, secteam

Aug 28 2023

freebsd_igalic.co added reviewers for D41614: geli: fix setkey behavior on detached providers: secteam, security.
Aug 28 2023, 10:12 AM · security, secteam

Aug 8 2023

devnull_apt322.org added a watcher for security: devnull_apt322.org.
Aug 8 2023, 6:45 PM

Mar 26 2023

guest-patmaddox removed a watcher for security: guest-patmaddox.
Mar 26 2023, 6:50 PM
guest-patmaddox added a watcher for security: guest-patmaddox.
Mar 26 2023, 11:35 AM

Mar 6 2023

ngie abandoned D38835: openssl: Vendor import of OpenSSL-3.0.8.

Merged as https://reviews.freebsd.org/rGe4520c8bd1d3 .

Mar 6 2023, 7:54 PM · security, secteam

Mar 4 2023

ngie added a comment to D38835: openssl: Vendor import of OpenSSL-3.0.8.

Are there any objections to continuing with the creation of the vendor/openssl-3.0 branch?

Mar 4 2023, 5:45 AM · security, secteam

Mar 3 2023

ngie added a comment to D38835: openssl: Vendor import of OpenSSL-3.0.8.
In D38835#884813, @dim wrote:
In D38835#884784, @ngie wrote:

Part of what I would like to do based on informal discussions in IRC is to put OpenSSL 3 into its own subdirectory, make it into a private library (props goes to @dim for the idea!) and transition utilities in base over to OpenSSL 3, then work on the ports story with @brnrd .

If openssl3 is going to be a private lib, then ports can't use it at all, right? I see there is already security/openssl which is 1.1.1t, and security/openssl-devel which is 3.0.8 (strange, because the development version of OpenSSL is 3.1.0 but I digress). So ports would have to link against the former or the latter (and can't use both). Also, if we make a private openssl3 lib, we'll have to rename all symbols so as to not conflict with ports. Alternatively, the ports openssl versions should rename all _their_ symbols to not conflict. That might also solve the problem of mixing 1.1 and 3.0.

In any case, getting openssl3 in side-by-side is a good first step, allowing piecemeal work to be done.

Mar 3 2023, 7:14 PM · security, secteam

Mar 2 2023

dim added a comment to D38835: openssl: Vendor import of OpenSSL-3.0.8.
In D38835#884784, @ngie wrote:

Part of what I would like to do based on informal discussions in IRC is to put OpenSSL 3 into its own subdirectory, make it into a private library (props goes to @dim for the idea!) and transition utilities in base over to OpenSSL 3, then work on the ports story with @brnrd .

Mar 2 2023, 6:51 PM · security, secteam
ngie updated subscribers of D38835: openssl: Vendor import of OpenSSL-3.0.8.

Part of what I would like to do based on informal discussions in IRC is to put OpenSSL 3 into its own subdirectory, make it into a private library (props goes to @dim for the idea!) and transition utilities in base over to OpenSSL 3, then work on the ports story with @brnrd .

Mar 2 2023, 6:38 PM · security, secteam
ngie added a comment to D38835: openssl: Vendor import of OpenSSL-3.0.8.
In D38835#884625, @jkim wrote:
In D38835#884575, @ngie wrote:

I followed a different import process than what’s described in FreeBSD-UPGRADE because it was much simpler for me to use rsync -av --delete to update the contents than multiple calls to find/tar/comm.

Actually, we need to rewrite both FreeBSD-upgrade and FreeBSD-Xlist from scratch for OpenSSL 3.0 because it is quite different.

Mar 2 2023, 6:35 PM · security, secteam
jkim added a comment to D38835: openssl: Vendor import of OpenSSL-3.0.8.
In D38835#884575, @ngie wrote:

I followed a different import process than what’s described in FreeBSD-UPGRADE because it was much simpler for me to use rsync -av --delete to update the contents than multiple calls to find/tar/comm.

Mar 2 2023, 6:19 PM · security, secteam
ngie added a comment to D38835: openssl: Vendor import of OpenSSL-3.0.8.

I assume your vendor/openssl-3.0 branch started from the current vendor/openssl?

Mar 2 2023, 5:45 PM · security, secteam

Mar 1 2023

emaste added a comment to D38835: openssl: Vendor import of OpenSSL-3.0.8.

I assume your vendor/openssl-3.0 branch started from the current vendor/openssl?

Mar 1 2023, 3:22 PM · security, secteam
ngie updated the test plan for D38835: openssl: Vendor import of OpenSSL-3.0.8.
Mar 1 2023, 3:42 AM · security, secteam
ngie updated the test plan for D38835: openssl: Vendor import of OpenSSL-3.0.8.
Mar 1 2023, 3:39 AM · security, secteam
ngie retitled D38835: openssl: Vendor import of OpenSSL-3.0.8 from Summary: openssl: Vendor import of OpenSSL-3.0.8 to openssl: Vendor import of OpenSSL-3.0.8.
Mar 1 2023, 3:32 AM · security, secteam
ngie added projects to D38835: openssl: Vendor import of OpenSSL-3.0.8: secteam, security.
Mar 1 2023, 3:31 AM · security, secteam

Nov 30 2022

ghislain_smartix.llc added a watcher for security: ghislain_smartix.llc.
Nov 30 2022, 2:54 AM

Sep 21 2022

firk_cantconnect.ru added a comment to D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.

I can't see how this can be used maliciously, e.g. forcing some application outside of jail to send its SCM_RIGHTS to a jail.

Sep 21 2022, 9:33 PM · network, Jails, security

Sep 8 2022

glebius added a comment to D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.

I can't see how this can be used maliciously, e.g. forcing some application outside of jail to send its SCM_RIGHTS to a jail. Even if such a case exists for a certain application, that would be a bug in that application, IMHO. The initial idea of SCM_RIGHTS was actually to grant rights intentionally, so there can be a valid case for a certain application that wants to grant rights to its peer in a jail.

Sep 8 2022, 4:32 AM · network, Jails, security

Sep 1 2022

cy added a member for security: cy.
Sep 1 2022, 4:54 PM

Jun 3 2022

firk_cantconnect.ru updated subscribers of D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.
Jun 3 2022, 10:24 PM · network, Jails, security

Mar 29 2022

firk_cantconnect.ru added a comment to D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.

For example it is possible to share file descriptor tables, and one of the processes may not be encumbered by the jail.

Mar 29 2022, 2:34 PM · network, Jails, security
mjg added a comment to D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.

I'm going to have to sleep on the approach. This is a known escape, but I don't know if the method used can fully plug it. For example it is possible to share file descriptor tables, and one of the processes may not be encumbered by the jail. As is, it does solve it for processes which have no way to talk to each other apart from a partially shared fs though.

Mar 29 2022, 12:46 PM · network, Jails, security

Mar 28 2022

firk_cantconnect.ru updated subscribers of D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.
Mar 28 2022, 9:48 PM · network, Jails, security

Mar 16 2022

firk_cantconnect.ru updated the test plan for D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.
Mar 16 2022, 6:59 PM · network, Jails, security
firk_cantconnect.ru requested review of D34579: Verify directory fds against chroot when receiving them through SCM_RIGHTS.
Mar 16 2022, 10:28 AM · network, Jails, security

Mar 15 2022

firk_cantconnect.ru retitled D34560: Add mount option to disallow creating sockets on filesystem from Add mount option to disallow creating socketson filesystem to Add mount option to disallow creating sockets on filesystem.
Mar 15 2022, 12:25 AM · security, network, Jails

Mar 14 2022

firk_cantconnect.ru requested review of D34560: Add mount option to disallow creating sockets on filesystem.
Mar 14 2022, 11:28 PM · security, network, Jails

Feb 17 2022

cperciva closed D20780: Add support for getting early entropy from the UEFI RNG protocol.
Feb 17 2022, 9:12 PM · csprng, security, arm64
cperciva added a comment to D20780: Add support for getting early entropy from the UEFI RNG protocol.

I'll do the commit. Thanks to Greg for writing this and to everyone who helped to review it!

Feb 17 2022, 9:11 PM · csprng, security, arm64

Feb 16 2022

markm added a comment to D20780: Add support for getting early entropy from the UEFI RNG protocol.

Who is going to do the actual commit? I'm happy to do it if no-one else wants to? Whoever does it has csprng@ green-light.

Feb 16 2022, 6:16 PM · csprng, security, arm64
kevans accepted D20780: Add support for getting early entropy from the UEFI RNG protocol.

Last nit can be done pre-commit or I can whack it post-commit; ok from lua perspective.

Feb 16 2022, 1:09 AM · csprng, security, arm64
kevans added inline comments to D20780: Add support for getting early entropy from the UEFI RNG protocol.
Feb 16 2022, 1:08 AM · csprng, security, arm64
cperciva added a comment to D20780: Add support for getting early entropy from the UEFI RNG protocol.

Is this ready to be committed? I'm happy to do it myself but markm said he was going to commit (prior to the latest round of changes) -- don't want to commit prematurely if you're still waiting for something.

Feb 16 2022, 12:50 AM · csprng, security, arm64

Jan 29 2022

markm accepted D20780: Add support for getting early entropy from the UEFI RNG protocol.
Jan 29 2022, 10:17 AM · csprng, security, arm64

Jan 28 2022

markm added inline comments to D20780: Add support for getting early entropy from the UEFI RNG protocol.
Jan 28 2022, 6:05 PM · csprng, security, arm64
val_packett.cool updated the diff for D20780: Add support for getting early entropy from the UEFI RNG protocol.

Yep, I've had basically the exact same opinion as @delphij about the copyright. Let's go with Intel.

Jan 28 2022, 11:59 AM · csprng, security, arm64

Jan 27 2022

delphij accepted D20780: Add support for getting early entropy from the UEFI RNG protocol.
Jan 27 2022, 5:52 PM · csprng, security, arm64
markm added inline comments to D20780: Add support for getting early entropy from the UEFI RNG protocol.
Jan 27 2022, 5:42 PM · csprng, security, arm64

Jan 26 2022

val_packett.cool updated the diff for D20780: Add support for getting early entropy from the UEFI RNG protocol.

So seems like it's easier to just do it all in core.lua, which is where lots of config accesses are anyway.

Jan 26 2022, 9:31 PM · csprng, security, arm64

Jan 17 2022

markm added a comment to D20780: Add support for getting early entropy from the UEFI RNG protocol.
In D20780#766778, @greg_unrelenting.technology wrote:

err, I have not addressed the "isUEFIBoot" thing and the "This file needs a copyright / license at the top" thing…

Jan 17 2022, 8:42 AM · csprng, security, arm64

Jan 16 2022

val_packett.cool added a comment to D20780: Add support for getting early entropy from the UEFI RNG protocol.

err, I have not addressed the "isUEFIBoot" thing and the "This file needs a copyright / license at the top" thing…

Jan 16 2022, 1:24 PM · csprng, security, arm64

Jan 15 2022

cperciva added a comment to D20780: Add support for getting early entropy from the UEFI RNG protocol.

Thanks! Can you also MFC it to stable/13 after a week?

Jan 15 2022, 5:48 PM · csprng, security, arm64
markm added a comment to D20780: Add support for getting early entropy from the UEFI RNG protocol.

Is this waiting for anything else before it gets committed?

Jan 15 2022, 9:30 AM · csprng, security, arm64

Jan 14 2022

Herald added a reviewer for D20780: Add support for getting early entropy from the UEFI RNG protocol: manu.

Is this waiting for anything else before it gets committed?

Jan 14 2022, 10:14 PM · csprng, security, arm64

Nov 16 2021

mw closed D27666: Enable ASLR by default for 64-bit executables..
Nov 16 2021, 10:27 PM · PowerPC, security, arm64

Nov 15 2021

mw updated the summary of D27666: Enable ASLR by default for 64-bit executables..
Nov 15 2021, 8:26 PM · PowerPC, security, arm64