Re: Getting sandsifter in Debian
Hi, On Thu, 06 Sep 2018, SZ Lin (林上智) wrote: > Please feel free to review or modify this, I will upload the package > before the end of the week if there is no any issues. > > [1] https://salsa.debian.org/pkg-security-team/sandsift/ > [2] https://github.com/rigred/sandsifter/issues/3 I left a comment here about the insecure use of /tmp. Cheers, -- Raphaël Hertzog ◈ Debian Developer Support Debian LTS: https://www.freexian.com/services/debian-lts.html Learn to master Debian: https://debian-handbook.info/get/
Re: Getting sandsifter in Debian
Hi, I've packaged draft package for sandsift [1] after discussing with upstream [2]. Please feel free to review or modify this, I will upload the package before the end of the week if there is no any issues. [1] https://salsa.debian.org/pkg-security-team/sandsift/ [2] https://github.com/rigred/sandsifter/issues/3 -- SZ Lin (林上智) , http://people.debian.org/~szlin Debian Developer 4096R/ 178F 8338 B314 01E3 04FC 44BA A959 B38A 9561 F3F9 SZ Lin (林上智) 於 2018年8月27日 週一 下午3:03寫道: > > Hi, > > It seems like the upstream [1] is not active for a while, the last > commit [2] is in Sep,2017. I would like to suggest replace the > upstream with this fork [3]. > > [1] https://github.com/xoreaxeaxeax/sandsifter > [2] > https://github.com/xoreaxeaxeax/sandsifter/commit/8375e6123d093629e3e4437d7903839fd0742c2a > [3] https://github.com/rigred/sandsifter > > -- > > SZ Lin (林上智) , http://people.debian.org/~szlin > > > shirish शिरीष 於 2018年8月16日 週四 下午2:48寫道: > > > > Dear all, > > > > First of all thank you for the whole team for keeping Debian as secure > > as it is the people on the team do to keep Debian free from > > controversy (at least from the security viewpoint) . > > > > Please CC me as I'm not subscribed to the mailing list, sorry. > > > > I just came upon sandsifter today. While I have done an RFP on it , > > could people have a look at it. > > > > It's being tracked as #906246 , thank you in advance. > > > > https://github.com/xoreaxeaxeax/sandsifter > > > > Also see https://www.youtube.com/watch?v=KrksBdWcZgQ which is a > > blackhat presentation given by the Developer. > > > > Could you all examine it and see if it's worth including in Debian, > > the only pre-requisite it asks for is already in Debian i.e. capstone. > > I dunno if it would be a good tool or not as I do not have the > > expertise to know whether the package 'phones home' or not, how > > dangerous or not dangerous the analysis would be. > > > > The only requirements are libcapstone3 and libcapstone-dev before > > compiling the python script (via make). The other odd thing seems to > > that the developer has mentioned to use 32-bit variation of the > > libcapstone3 and libcapstone-dev which at least IMHO would make it > > more resource intensive as it means it would be limited to only using > > 4 GiB of memory when it could use the whole 8-128 GiB memory depending > > upon the workstation properties but what do I know of these things. > > > > Looking forward to know. > > > > -- > > Regards, > > Shirish Agarwal शिरीष अग्रवाल > > My quotes in this email licensed under CC 3.0 > > http://creativecommons.org/licenses/by-nc/3.0/ > > http://flossexperiences.wordpress.com > > EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8 > >
Re: Getting sandsifter in Debian
Hi, It seems like the upstream [1] is not active for a while, the last commit [2] is in Sep,2017. I would like to suggest replace the upstream with this fork [3]. [1] https://github.com/xoreaxeaxeax/sandsifter [2] https://github.com/xoreaxeaxeax/sandsifter/commit/8375e6123d093629e3e4437d7903839fd0742c2a [3] https://github.com/rigred/sandsifter -- SZ Lin (林上智) , http://people.debian.org/~szlin shirish शिरीष 於 2018年8月16日 週四 下午2:48寫道: > > Dear all, > > First of all thank you for the whole team for keeping Debian as secure > as it is the people on the team do to keep Debian free from > controversy (at least from the security viewpoint) . > > Please CC me as I'm not subscribed to the mailing list, sorry. > > I just came upon sandsifter today. While I have done an RFP on it , > could people have a look at it. > > It's being tracked as #906246 , thank you in advance. > > https://github.com/xoreaxeaxeax/sandsifter > > Also see https://www.youtube.com/watch?v=KrksBdWcZgQ which is a > blackhat presentation given by the Developer. > > Could you all examine it and see if it's worth including in Debian, > the only pre-requisite it asks for is already in Debian i.e. capstone. > I dunno if it would be a good tool or not as I do not have the > expertise to know whether the package 'phones home' or not, how > dangerous or not dangerous the analysis would be. > > The only requirements are libcapstone3 and libcapstone-dev before > compiling the python script (via make). The other odd thing seems to > that the developer has mentioned to use 32-bit variation of the > libcapstone3 and libcapstone-dev which at least IMHO would make it > more resource intensive as it means it would be limited to only using > 4 GiB of memory when it could use the whole 8-128 GiB memory depending > upon the workstation properties but what do I know of these things. > > Looking forward to know. > > -- > Regards, > Shirish Agarwal शिरीष अग्रवाल > My quotes in this email licensed under CC 3.0 > http://creativecommons.org/licenses/by-nc/3.0/ > http://flossexperiences.wordpress.com > EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8 >
Re: Getting sandsifter in Debian
at bottom :- On 16/08/2018, SZ Lin (林上智) wrote: > Hi, > > If no one has any objections, I would like to package this tool and > mark as a team maintained package afterwards. > > -- > > SZ Lin (林上智) , http://people.debian.org/~szlin > > 4096R/ 178F 8338 B314 01E3 04FC 44BA A959 B38A 9561 F3F9 > > Dear SZlin, Keep me in loop, if you do the packaging and need somebody to test or something, let me know, am more than willing to do any tests with the tool that you may want me to partake in. -- Regards, Shirish Agarwal शिरीष अग्रवाल My quotes in this email licensed under CC 3.0 http://creativecommons.org/licenses/by-nc/3.0/ http://flossexperiences.wordpress.com EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8
Re: Getting sandsifter in Debian
Hi, If no one has any objections, I would like to package this tool and mark as a team maintained package afterwards. -- SZ Lin (林上智) , http://people.debian.org/~szlin 4096R/ 178F 8338 B314 01E3 04FC 44BA A959 B38A 9561 F3F9 2018-08-16 14:47 GMT+08:00 shirish शिरीष : > Dear all, > > First of all thank you for the whole team for keeping Debian as secure > as it is the people on the team do to keep Debian free from > controversy (at least from the security viewpoint) . > > Please CC me as I'm not subscribed to the mailing list, sorry. > > I just came upon sandsifter today. While I have done an RFP on it , > could people have a look at it. > > It's being tracked as #906246 , thank you in advance. > > https://github.com/xoreaxeaxeax/sandsifter > > Also see https://www.youtube.com/watch?v=KrksBdWcZgQ which is a > blackhat presentation given by the Developer. > > Could you all examine it and see if it's worth including in Debian, > the only pre-requisite it asks for is already in Debian i.e. capstone. > I dunno if it would be a good tool or not as I do not have the > expertise to know whether the package 'phones home' or not, how > dangerous or not dangerous the analysis would be. > > The only requirements are libcapstone3 and libcapstone-dev before > compiling the python script (via make). The other odd thing seems to > that the developer has mentioned to use 32-bit variation of the > libcapstone3 and libcapstone-dev which at least IMHO would make it > more resource intensive as it means it would be limited to only using > 4 GiB of memory when it could use the whole 8-128 GiB memory depending > upon the workstation properties but what do I know of these things. > > Looking forward to know. > > -- > Regards, > Shirish Agarwal शिरीष अग्रवाल > My quotes in this email licensed under CC 3.0 > http://creativecommons.org/licenses/by-nc/3.0/ > http://flossexperiences.wordpress.com > EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8 >
Getting sandsifter in Debian
Dear all, First of all thank you for the whole team for keeping Debian as secure as it is the people on the team do to keep Debian free from controversy (at least from the security viewpoint) . Please CC me as I'm not subscribed to the mailing list, sorry. I just came upon sandsifter today. While I have done an RFP on it , could people have a look at it. It's being tracked as #906246 , thank you in advance. https://github.com/xoreaxeaxeax/sandsifter Also see https://www.youtube.com/watch?v=KrksBdWcZgQ which is a blackhat presentation given by the Developer. Could you all examine it and see if it's worth including in Debian, the only pre-requisite it asks for is already in Debian i.e. capstone. I dunno if it would be a good tool or not as I do not have the expertise to know whether the package 'phones home' or not, how dangerous or not dangerous the analysis would be. The only requirements are libcapstone3 and libcapstone-dev before compiling the python script (via make). The other odd thing seems to that the developer has mentioned to use 32-bit variation of the libcapstone3 and libcapstone-dev which at least IMHO would make it more resource intensive as it means it would be limited to only using 4 GiB of memory when it could use the whole 8-128 GiB memory depending upon the workstation properties but what do I know of these things. Looking forward to know. -- Regards, Shirish Agarwal शिरीष अग्रवाल My quotes in this email licensed under CC 3.0 http://creativecommons.org/licenses/by-nc/3.0/ http://flossexperiences.wordpress.com EB80 462B 08E1 A0DE A73A 2C2F 9F3D C7A4 E1C4 D2D8