On 12/07/2017 07:05 PM, David Miller wrote:
From: Eric Saint Etienne <eric.saint.etienne@xxxxxxxxxx>
Date: Thu, 7 Dec 2017 16:40:14 +0000
Can you please provide me with an example of an actual mdesc
entry that needs sanitization? I believe you are thinking of
passwords and crypto keys but I couldn't find any such entry
on any machine I have access to.
Dave, I still have to read from you on this.
I don't know, but based upon private communication we received from
Greg Onufer some might exist.
Please do a detailed audit of the mdesc properties that might contain
passwords or other sensitive issues, and please provide the results
of your audit on the list here.
FYI, on Solaris, when dumping /dev/mdesc, Solaris filters out the "security-password"
property from the "variables" node, and the "keystore" node.
- "security-password" holds the OBP password if it is set
- "keystore" holds security keys.
alex.
--
To unsubscribe from this list: send the line "unsubscribe sparclinux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
