svn commit: r192544 - head/sys/kern
Kostik Belousov
kostikbel at gmail.com
Thu May 21 16:24:37 UTC 2009
On Thu, May 21, 2009 at 04:19:54PM +0000, Ed Schouten wrote:
> Author: ed
> Date: Thu May 21 16:19:54 2009
> New Revision: 192544
> URL: http://svn.freebsd.org/changeset/base/192544
>
> Log:
> Add a new sysctl: kern.tty_inq_flush_secure.
>
> When enabled all TTY input queue buffers are zeroed when flushing or
> closing the TTY. Because TTY input queues are also used to store filled
> in passwords, this may be an interesting switch to enable for security
> minded people.
Why is this enabled by sysctl ? Such feature shall be unconditional if
it has any value.
>
> Modified:
> head/sys/kern/tty_inq.c
>
> Modified: head/sys/kern/tty_inq.c
> ==============================================================================
> --- head/sys/kern/tty_inq.c Thu May 21 16:18:45 2009 (r192543)
> +++ head/sys/kern/tty_inq.c Thu May 21 16:19:54 2009 (r192544)
> @@ -68,6 +68,9 @@ SYSCTL_ULONG(_kern, OID_AUTO, tty_inq_nf
> static unsigned long ttyinq_nslow = 0;
> SYSCTL_ULONG(_kern, OID_AUTO, tty_inq_nslow, CTLFLAG_RD,
> &ttyinq_nslow, 0, "Buffered reads to userspace on input");
> +static int ttyinq_flush_secure = 0;
> +SYSCTL_INT(_kern, OID_AUTO, tty_inq_flush_secure, CTLFLAG_RW,
> + &ttyinq_flush_secure, 0, "Zero buffers while flushing");
>
> #define TTYINQ_QUOTESIZE (TTYINQ_DATASIZE / BMSIZE)
> #define BMSIZE 32
> @@ -376,28 +379,19 @@ ttyinq_findchar(struct ttyinq *ti, const
> void
> ttyinq_flush(struct ttyinq *ti)
> {
> + struct ttyinq_block *tib = ti->ti_lastblock;
>
> ti->ti_begin = 0;
> ti->ti_linestart = 0;
> ti->ti_reprint = 0;
> ti->ti_end = 0;
> -}
> -
> -#if 0
> -void
> -ttyinq_flush_safe(struct ttyinq *ti)
> -{
> - struct ttyinq_block *tib;
> -
> - ttyinq_flush(ti);
>
> - /* Zero all data in the input queue to make it more safe */
> - TAILQ_FOREACH(tib, &ti->ti_list, tib_list) {
> - bzero(&tib->tib_quotes, sizeof tib->tib_quotes);
> - bzero(&tib->tib_data, sizeof tib->tib_data);
> + /* Zero all data in the input queue to get rid of passwords. */
> + if (ttyinq_flush_secure) {
> + for (tib = ti->ti_firstblock; tib != NULL; tib = tib->tib_next)
> + bzero(&tib->tib_data, sizeof tib->tib_data);
> }
> }
> -#endif
>
> int
> ttyinq_peekchar(struct ttyinq *ti, char *c, int *quote)
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 195 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/svn-src-all/attachments/20090521/e9a1aa5b/attachment.pgp
More information about the svn-src-all
mailing list