On 2008-Nov-19 02:47:31 -0800, Jeremy Chadwick <[EMAIL PROTECTED]> wrote:
>There's a known "issue" with the kernel message buffer though: it's not
>NULL'd out upon reboot.

This is deliberate.  If the system panics, stuff that was in the
message buffer (and might not be on disk) can be read when the system
reboots.  If there is no crashdump, this might be the only record of
what happened.

>  Meaning, in some cases (depends on the BIOS or
>system), the kernel message buffer from single-user mode is retained
>even after a reboot!  A user can then do "dmesg" and see all the nifty
>stuff you've done during single-user, which could include unencrypted
>passwords if mergemaster was tinkering with passwd/master.passwd, etc..

There shouldn't be unencrypted passwords, though there might be encrypted
passwords visible.

>Rink Springer created a patch where the kernel message buffer will start
>with NULL to keep this from happening, but it needs to be made into a
>loader.conf tunable.

I hope that never gets committed - it will make debugging kernel
problems much harder.  There is already a kern.msgbuf_clear sysctl and
maybe people who are concerned about msgbuf leakage need to learn to
use it.

-- 
Peter Jeremy
Please excuse any delays as the result of my ISP's inability to implement
an MTA that is either RFC2821-compliant or matches their claimed behaviour.
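
The kern.msgbuf_clear approach mentioned in the message above, as an added example that is not code from the thread or from FreeBSD: an sh sketch that counts master.passwd-style lines carrying crypt(3) hashes in message-buffer text and clears the buffer only when some are found. The function names, the regular expression and the sample text are assumptions made for illustration; `dmesg -a` and `sysctl kern.msgbuf_clear=1` are the FreeBSD commands, and clearing requires root.

```shell
#!/bin/sh
# Added example (not from the thread): check the kernel message buffer for
# leaked master.passwd entries before deciding to clear it.

# Assumed pattern: name:$id$salt-or-cost$digest:uid:gid:
# i.e. a master.passwd entry whose password field is a modular-crypt hash.
HASH_LINE_RE='[A-Za-z0-9_.-]+:\$[0-9a-z]+\$[^:$]*\$[^:]+:[0-9]+:[0-9]+:'

# Read message-buffer text on stdin, print how many lines match the pattern.
# grep -c exits non-zero when the count is 0, hence the "|| true".
count_hash_lines() {
    grep -Ec -- "$HASH_LINE_RE" || true
}

# Constructed sample: console output as it might look after mergemaster
# showed a master.passwd diff in single-user mode. All values are made up.
sample_msgbuf() {
    cat <<'EOF'
Trying to mount root from ufs:/dev/ad0s1a
Enter full pathname of shell or RETURN for /bin/sh:
+root:$1$constructed$AAAAAAAAAAAAAAAAAAAAAA:0:0::0:0:Charlie &:/root:/bin/csh
-toor:*:0:0::0:0:Bourne-again Superuser:/root:
+alice:$2a$04$constructedconstructedconstructed:1001:1001::0:0:Alice:/home/alice:/bin/sh
EOF
}

# FreeBSD only, run as root: inspect the live buffer (including console
# output, via -a) and clear it only if hash-bearing lines are present, so the
# buffer is otherwise left intact for debugging.
clear_if_leaky() {
    n=$(dmesg -a | count_hash_lines)
    if [ "$n" -gt 0 ]; then
        echo "msgbuf: $n line(s) with password hashes, clearing" >&2
        sysctl kern.msgbuf_clear=1
    fi
}

# Only touch the real buffer when explicitly asked to.
if [ "${1:-}" = "--clear" ]; then
    clear_if_leaky
fi
```

Run with `--clear` after returning to multi-user mode; without the argument the script only defines the functions.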
