We've been talking to a kernel developer of the NetBSD project (probably the most portable operating system out there), regarding its security status and some potential enhancements.

While reading through the secmodel securelevel source, we spotted this interesting snippet:

    case KAUTH_REQ_SYSTEM_TIME_SYSTEM: {
        struct timespec *ts = arg1;
        struct timeval *delta = arg2;

        /*
         * Don't allow the time to be set forward so far it will wrap
         * and become negative, thus allowing an attacker to bypass
         * the next check below.  The cutoff is 1 year before rollover
         * occurs, so even if the attacker uses adjtime(2) to move
         * the time past the cutoff, it will take a very long time
         * to get to the wrap point.
         *
         * XXX: we check against INT_MAX since on 64-bit
         * platforms, sizeof(int) != sizeof(long) and
         * time_t is 32 bits even when atv.tv_sec is 64 bits.
         */
        if (securelevel > 1 &&
            ((ts->tv_sec > INT_MAX - 365*24*60*60) ||
             (delta->tv_sec < 0 || delta->tv_usec < 0)))
            result = KAUTH_RESULT_DENY;
        break;
    }

Subreption blog by Subreption LLC is Licensed under a
Creative Commons Attribution-Noncommercial-No Derivative Works 3.0
United States License.