freebsd-security Digest, Vol 184, Issue 2
Alexander Leidinger
Alexander at Leidinger.net
Wed Nov 8 08:12:30 UTC 2006
Quoting Wes Peters <wes at opensail.org> (from Tue, 7 Nov 2006 23:28:15 -0800):
>
> On Nov 7, 2006, at 11:22 PM, Alexander Leidinger wrote:
>
>> Quoting Wes Peters <wes at opensail.org> (from Tue, 7 Nov 2006 20:19:40 -0800):
>>
>>> --- /etc/rc.d/dmesg Sat May 6 21:00:26 2006
>>> +++ dmesg Tue Nov 7 20:17:47 2006
>>> @@ -19,8 +19,10 @@
>>> do_dmesg()
>>> {
>>> - rm -f ${dmesg_file}
>>> + mv -f ${dmesg_file} ${dmesg_file}.prev
>>> ( umask 022 ; /sbin/dmesg $rc_flags > ${dmesg_file} )
>>> + cmp -s ${dmesg_file} ${dmesg_file}.prev || \
>>> + logger -p security.warn 'dmesg.boot changed from
>>> previous boot'
>>> }
>>> load_rc_config $name
>>>
>>>
>>> If you like that, I'm willing to discuss it further, and/or commit it
>>> and let the howling tell if it's a keeper or not. ;^)
>>
>> Did you try this? I didn't, but I would expect to see this message
>> _every time_ (because of minor timecounter rate changes).
>
> Yes, but only once, and then forced a change by re-running it. Maybe I
> just got 'lucky.' Feel free to suggest 'better' tests, or parts to
> throw out of dmesg.boot before the test.
The ACPI-fast, ACPI-safe, TSC and i8xxx timecounter frequency needs to
be removed IMO. Sometimes I also see a very small change in the probe
order... but I don't remember exacly what's changing and what's
causing it.
Bye,
Alexander.
--
The days are all empty and the nights are unreal.
http://www.Leidinger.net Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org netchild @ FreeBSD.org : PGP ID = 72077137
More information about the freebsd-security
mailing list