Eugene Kim
2011-Jul-04 12:19 UTC
Request for MFC r215299: Echoing asterisks for GELI passphrase
Greetings, Could someone please MFC r215299? This commit enhances a workaround for a long-standing bug (kern/105368) and is pretty much required for any production system affected by the bug. (Without the patch, anyone that can run dmesg can see the passphrase entered for the root filesystem. ;_;) Regards, Eugene Kim
Oliver Pinter
2011-Jul-04 12:45 UTC
Request for MFC r215299: Echoing asterisks for GELI passphrase
Hi Eugene, Just a note: The /var/run/dmesg.boot file is world readable by default ;) opv@pandora-d ~> dmesg dmesg: sysctl kern.msgbuf: Operation not permitted opv@pandora-d ~> tail -n 5 /var/run/dmesg.boot pcm4: <HDA Analog Devices AD1989B PCM #3 Digital> at cad 0 nid 1 on hdac1 SMP: AP CPU #1 Launched! SMP: AP CPU #2 Launched! SMP: AP CPU #3 Launched! Trying to mount root from ufs:/dev/ufs/deskroot opv@pandora-d ~> ll /var/run/dmesg.boot -rw-r--r-- 1 root wheel 10619 Jul 1 19:30 /var/run/dmesg.boot On 7/4/11, Eugene Kim <astralblue@gmail.com> wrote:> Greetings, > > Could someone please MFC r215299? This commit enhances a workaround > for a long-standing bug (kern/105368) and is pretty much required for > any production system affected by the bug. (Without the patch, anyone > that can run dmesg can see the passphrase entered for the root > filesystem. ;_;) > > Regards, > Eugene Kim > _______________________________________________ > freebsd-stable@freebsd.org mailing list > http://lists.freebsd.org/mailman/listinfo/freebsd-stable > To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" >