看板FB_security
标 题Re: md(4) (swap-base) disks not cleaned on creation
发信站NCTU CS FreeBSD Server (Wed Nov 7 04:59:36 2012)
转信站ptt!csnews.cs.nctu!news.cs.nctu!.cs.nctucs.nctu!.org!ownorg!owner-free
On Tue, Nov 06, 2012 at 09:27:04PM +0200, Konstantin Belousov wrote:
> On Tue, Nov 06, 2012 at 07:46:58PM +0100, Paul Schenkeveld wrote:
> > Hi,
> > =
> > When creating a swap based md(4) it may contain data which to me feels
> > like a security leak:
> > =
> > # mdconfig -a -t swap -s 1m
> > md0
> > # hd /dev/md0
> > 00000000 c0 9b a8 00 08 00 00 00 00 5c 53 00 08 00 00 00 |?.?.....=
..\S.....|
> > 00000010 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |........=
.........|
> > *
> > 00000250 38 9f a8 00 08 00 00 00 00 5c 53 00 08 00 00 00 |8.?.....=
..\S.....|
> > 00000260 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |........=
.........|
> > *
> > 00000330 88 a0 a8 00 08 00 00 00 00 5c 53 00 08 00 00 00 |.=9A?...=
....\S.....|
> > 00000340 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |........=
.........|
> > *
> > 00000370 e8 a0 a8 00 08 00 00 00 00 5c 53 00 08 00 00 00 |?=9A?...=
....\S.....|
> > 00000380 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |........=
.........|
> > *
> > 000005b0 48 a4 a8 00 08 00 00 00 00 5c 53 00 08 00 00 00 |H??.....=
..\S.....|
> > 000005c0 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 |........=
.........|
> > *
> > ^C
> > # ls -l /dev/md0
> > crw-r----- 1 root operator 0xc8 Nov 6 19:42 /dev/md0
> > #
> > =
> > Although not world-readable, it just doesn't feel right to me.
> > =
> > Any thoughts?
> =
> It is definitely not a security issue. The md device is not user-accessib=
le,
> as you noted. A filesystem run over the device need to ensure that user
> process never get on-disk garbage without first initializing the blocks.
What about this scenario:
- Root uses nanobsd.sh to make an image
- The .conf file has NANO_MD_BACKING=3D"swap" (I believe phk@ was against
this feature but it is in nanobsd.sh now)
- Root places the image on a public FTP site and this way exposes swap
data.
--
Paul Schenkeveld
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "
[email protected]"