FreeBSD Security Advisory (mbuf)

The FreeBSD Security Team have identified a little bug in FreeBSD where a lost mbuf flag can result in data loss.

“I. Background

An mbuf is a basic unit of memory management in the FreeBSD kernel inter-process communication and networking subsystem. Network packets and socket buffers are dependent on mbufs for their storage.

Data can be embedded directly in mbufs, or mbufs can instead reference external buffers. The sendfile(2) system call uses external mbuf storage to directly map the contents of a file into a chain of mbufs for
transmission purposes. The mbuf object supports a read-only flag that must be honored to prevent modification or writes to buffer data in cases like these.

II. Problem Description

The read-only flag is not correctly copied when a mbuf buffer reference is duplicated. When the sendfile(2) system call is used to transmit data over the loopback interface, this can result in the backing pages
for the transmitted file being modified, causing data corruption.

III. Impact

This data corruption can be exploited by an local attacker to escalate their privilege by carefully controlling the corruption of system files. It should be noted that the attacker can corrupt any file they have read
access to.”

For a workaround and steps to fix this, have a look at the announcement

FreeBSD quick news and links (08/07/2010)

I Running old binaries on -current

Did you know you can old FreeBSD binaries on recent versions? As strange as it may sound, all FreeBSD versions have an ABI compatibility with previous versions, and you can run files compiled years ago. However, there seems to be a little problem now with running 1.0 packages on Current (9.0). Should be fixed soon. (via)

II Benchmarks of FreeBSD 8.1 RC2 against FreeBSD 8.0, Ubuntu Linux 10.10

Phoronix has tested the above three operating systems and compared them. It’s maybe like comparing apples with pears, but nonetheless interesting benchmarks: Benchmarks Of FreeBSD 8.1 RC2 Against FreeBSD 8.0, Ubuntu Linux

FreeBSD 8.1 is slated to be released this month as the first significant update to FreeBSD since the rollout of the 8.0 release last November. With the second release candidate of FreeBSD 8.1 having just been made available a few days back, we have conducted a set of tests comparing the performance of FreeBSD 8.1 RC2 versus FreeBSD 8.0 and an Ubuntu 10.10 development snapshot.FreeBSD 8.1 is slated to be released this month as the first significant update to FreeBSD since the rollout of the 8.0 release last November. With the second release candidate of FreeBSD 8.1 having just been made available a few days back, we have conducted a set of tests comparing the performance of FreeBSD 8.1 RC2 versus FreeBSD 8.0 and an Ubuntu 10.10 development snapshot.

III MeetBSD 2010 Poland Pictures

The MeetBSD 2010 conference (Kracow, 2-3 July) has finished. You can read the presentation summaries and view the photos (day 1 and day 2)

IV Something More Revelant then bsdstats.org

Generally bsdstats.org is only known by BSD users (and definitely not by all of them), so even having BIG stats out there is more or less pointless.

But there is other way to ‘impress’ other people with BSD stats … http://distrowatch.com portal. It mainly focuses on Linux distributions but it also gathers stats for BSDs and OpenSolaris/Solaris ‘distributions’.

How to do this: Something More Revelant then BSDSTATS.org

V WarBSD

I came across warBSD the other day. Has anybody ever used it and if so, what is your experience. Please share in the comments below.

WarBSD was an attempt at using FreeBSD with the PicoBSD build scripts to make a *BSD based war driving kit.

Serve an anonymous shell via Tor

“While most people use Tor simply for anonymous web browsing, Tor also provides a slick way to host a service (web site, IRC chat server, etc) called a Hidden Service. These services are “hidden” because they are only accessible via the Tor network, and are under the same anonymity umbrella as Tor clients — unless they accidentally expose information about themselves, it is essentially impossible to determine the source location of the service.” continues

KDE 4.4.5 in ports

As of 29/06 KDE 4.4.5 is available in the FreeBSD ports directory. KDE 4.4.5 announcement

FreeBSD Foundation funded projects (Jail, DTrace)

One of the ways the FreeBSD Foundation supports FreeBSD, is by funding FreeBSD development (e.g. the Jail based virtualisation project). The Foundation has agreed to fund two more projects:

I Resource Containers Project

This project will be undertaken by Edward Tomasz Napierala. “Unlike Solaris zones, the current implementation of FreeBSD Jails does not provide per-jail resource limits. As a result, users are often forced to replace jails with other virtualization mechanisms. The goal of this project is to create a single, unified framework for controlling resource utilisation, and to use that framework to implement per-jail resource limits. In the future, the same framework might be used to implement more sophisticated resource controls, such as Hierarchical Resource Limits, or to implement mechanisms similar to AIX WLM. It could also be used to provide precise resource usage accounting for administrative or billing purposes.”

“It’s great that the Foundation decided to fund this project. It will make jail-based virtualization a much better choice in many scenarios, for example for Virtual Private Server providers.”

Edward noted.

II DTrace Userland Project

Rui Paulo has been awarded a grant to add DTrace userland support to FreeBSD.

DTrace is a general purpose and lightweight tracing framework that allows administrators, developers and users to investigate causes of system failure or performance bottlenecks. The FreeBSD operating system has had support for kernel-only DTrace since FreeBSD 8.0, but DTrace userland support was missing. Having userland support in DTrace allows inspection of userland software itself and its correlation with the kernel, thus allowing a much better picture of what exactly is going on behind the scenes.

This project will first concentrate on adding libproc support for symbol to address mapping, address to symbol mapping, breakpoint setup and the rtld interactions with DTrace. Next it will focus on DTrace process control, importing the pid provider and adapting it to FreeBSD and porting the userland statically defined probe provider (usdt). Finally it will bring in the plockstat provider.

“By having userland DTrace support, companies can make their products perform much better on FreeBSD due to the fact that they now have access to this amazing tool. When we mix the userland support with the kernel side DTrace support, we can also make FreeBSD a better operating system because we can investigate performance bottlenecks much easier.”

said FreeBSD developer Rui Paul

Well done to Rui and Edward. We’re looking forward to testing the results of their work at the end of the year. If you wish to see more of these sort of projects, you can donate to the FreeBSD Foundation.

First look at GhostBSD (Distrowatch)

Distrowatch has an interview with Eric Turgeon, GhostBSD‘s founder, and a review of this FreeBSD/Gnome based desktop operating system.

“The PC-BSD project brings a user-friendly pre-configured KDE desktop to the FreeBSD community. Which is all well and good, but what if you’re more of a GNOME person? Well, it turns out there is a project in the works for you too. The GhostBSD project is in its early stages, but it’s paving the way for users who enjoy running GNOME on a FreeBSD base without any configuring or installing extra software. I had a chance to exchange emails with Eric Turgeon, the project’s founder and lead developer.”

Head over to the interview and the review of GhostBSD: First look at GhostBSD

BSD Magazine 2010/07: OpenBSD

July’s issue of the BSD Magazine can now be downloaded: BSD magazine 2010/07: OpenBSD.

Olga Kartseva, chief editor, wrote that the BSD Magazine archives are available now for freebsd-announce mailinglist subscribers without having to subscribe to the BSD Mag newsletter.

This is the table of contents of the OpenBSD issue:

Building a Desktop Firewall with pf and fwbuilder

This article is an excerpt from the Firewalls and VPNs chapter of the book The Best of FreeBSD Basics (ISBN 9780979034220), published by Reed Media Publishing.
- Dru Lavigne

OpenBSD Some Interesting One Floppy Systems

One floppy systems are very practical, as they usually have a specific goal, which cannot be said about all Live CD’s.
- JURAJ SIPOS

Remote Installation of the FreeBSD Operating System without a Remote Console

This article documents the remote installation of the FreeBSD operating system when the console of the remote system is unavailable. The main idea behind this article is the result of a collaboration with Martin Matuska mm@FreeBSD.org with valuable input provided by Pawel Jakub Dawidek jd@FreeBSD.org.
- DANIEL GERZO

OpenBSD as a Mail Server

In a previous document, we built redundant firewalls using the CARP and PFSYNC protocols; these were the first building blocks of a hypothetical, penBSD-based, small private networkthat we are going to build step by step across several documents.
- DANIELE MAZZOCCHIO

Performance Comparison ITTIA DB and SQLite

ITTIA DB SQL and SQLite are used by software developers to manage information stored in applications and devices. Designed to be hidden from the end-user, these embedded relational database management systems are linked into the application or firmware as self-contained software libraries.
- Sasan Montaseri

Interview with Jeff Roberson
- Jesse Smith

FreeBSD Experience and Success Story
- JOSHUA EBARVIA