replace uname -a informational string
Michael B. Eichorn
ike at michaeleichorn.com
Fri Oct 23 18:07:55 UTC 2015
On Fri, 2015-10-23 at 19:47 +0200, Michael Schuster wrote:
> I seem to remember there's a trick using dtrace where you intercept the
> uname syscall/library call .. that was on Solaris, though, don't know
> how
> that would map onto FreeBSD.
>
> regards
> Michael
But doesn't that only block uname? What about 'strings'?
If the concern is security I would think it would be best not to compile
the information in at all.
The build system was designed to share the build hostname not hide it
after all.
>
> On Fri, Oct 23, 2015 at 7:45 PM, Michael B. Eichorn <
> ike at michaeleichorn.com>
> wrote:
>
> > On Fri, 2015-10-23 at 09:08 +0200, O. Hartmann wrote:
> > > For security purposes, I need to replace the informations given by
> > > "uname -a"
> > > to hode the kernel build system, name et cetera.
> >
> > I presume you intendend 'hide' here?
> >
> > If you want to scrub a binaries of _all_ information about the
> > building
> > system this is a problem Debian is actively working on called
> > 'reproducible builds' but is not possible today.
> >
> > https://reproducible.debian.net
> >
> > If you want to hide the hostname, why not just build with a different
> > hostname set?
> >
> > >
> > > Is there a way to achieve this via setting some knobs in the
> > > process of
> > > a
> > > buildkernel?
> > >
> > > Please CC me, I'm not subscriber of the list.
> > >
> > > Kind regards and thanks in advance,
> > >
> > > O. Hartmann
> >
>
>
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5761 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-questions/attachments/20151023/1a14eaaa/attachment.bin>
More information about the freebsd-questions
mailing list