svn commit: r239598 - head/etc/rc.d

[Dag-Erling Smørgrav]

David O'Brien <obrien at FreeBSD.org> writes:
> Dag-Erling Smørgrav <des at des.no> writes:
> > However, it does not vary from one boot to another, or even from one
> > machine to another if they run the same FreeBSD version with the same
> > device.hints and loader.conf on the same hardware configuration.
> ... and same BIOS version.
>
> I found on some Dell desktops and HP servers I looked at that the
> 'hint.acpi.0' MIB could vary depending on BIOS version, and 'smbios'
> MIB did vary between systems.

kenv(1) on the machine I'm typing this on produces 2128 bytes, less than
1% of which will vary between machines with the same motherboard.  The
UUID is all-zeroes except for the lower 48 bits, which are identical to
the on-board NIC's MAC address.  The BIOS version consists of two
characters ("F8") and a release date ("01/08/2007").  If the attacker
knows what motherboard I have, he can easily figure out the handful of
possible BIOS revisions and release dates, and the first 24 bits of the
MAC address (00:16:e6).  The amount of installed memory may vary, but it
is extremely likely to be the product of 1048576 and a smallish power of
two (4, in this case).

> I'm not saying 'kenv' is perfect, but it was something I found in
> /[s]bin that varied between systems so it was a good replacement for
> one of the 'ps' runs.

...except ps(1) varies between reboots and over time, especially if you
include fields like majflt, minflt, nivcsw and nvcsw, and to a lesser
extent systime and usertime (it would help if they had greater
resolution); whereas kenv(1) does not and can be identical or nearly so
on multiple machines.

DES
-- 
Dag-Erling Smørgrav - des at des.no