tech-security archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

Re: It's not cool to change security-related sysctl names

Le 16/01/13 17:25, Thor Lancelot Simon a écrit :
Between NetBSD 5 and NetBSD 6, the name of the 'curtain' sysctl was
changed with no backwards compatibility.

The result is that systems upgraded to NetBSD 6, which set curtain in
/etc/sysctl.conf, like so:


Will now fail to do so.  If their admins don't notice the warning message
at boot time, the system will come up and run but sensitive data may be
disclosed (presumably if people set curtain in sysctl.conf, they have good
reason for doing so).

This is not cool.  It might actually warrant an advisory.

I can't remember the exact details behind, however the curtain (and securelevel BTW) sysctls were used through "security.curtain" and "kern.securelevel" as shown in security(7). So it seems that this regression went unnoticed.

When this change was made (securelevel and curtain moving to the 'extensions' secmodel(9)), the old sysctls remained but not the 'bsd44' ones.

Left over on my side. I'll fix it and ask for a pullup, sorry.

Jean-Yves Migeon

Home | Main Index | Thread Index | Old Index