Can you please provide me with an example of an actual mdesc
entry that needs sanitization? I believe you are thinking of
passwords and crypto keys but I couldn't find any such entry
on any machine I have access to.
Dave, I still have to read from you on this.
I don't know, but based upon private communication we received from
Greg Onufer some might exist.
Please do a detailed audit of the mdesc properties that might contain
passwords or other sensitive issues, and please provide the results
of your audit on the list here.
Alexandre Chartres did part of that audit for us: he pointed out 2
sensitive mdesc keys that contain passwords and cryptographic keys.
I can't spend much more time on this patch. It's already out there in
the mailing list archive for whoever wants to use it.
That said this sanitization task should be on top of your sparc todo
list IMHO because the existing /dev/mdesc driver doesn't filter anything
as of today, so it leaks critical/sensitive data to the OS.
All the best with fixing /dev/mdesc.
-eric
--
To unsubscribe from this list: send the line "unsubscribe sparclinux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
