https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=274550
John F. Carr <j...@mit.edu> changed:
What |Removed |Added
----------------------------------------------------------------------------
CC| |j...@mit.edu
--- Comment #3 from John F. Carr <j...@mit.edu> ---
These don't look like FreeBSD-specific side channels to me, but the expected
way IP works. There are tunables net.inet.{udp,tcp}.blackhole for sysadmins who
are afraid of revealing port numbers, and net.inet.icmp.icmplim_jitter to
mitigate issue 10.
Are you imagining a local attacker whose privileges do not include netstat
trying to deduce the code path taken by a packet through the kernel using cache
misses and branch mispredictions?
--
You are receiving this mail because:
You are the assignee for the bug.
