[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-bugs
Subject:    kern/20963: wicontrol (and supporting ioctls/sysctls, presumably) reveal crypto key
From:       rwatson () freebsd ! org
Date:       2000-08-31 16:06:18
[Download RAW message or body]


>Number:         20963
>Category:       kern
>Synopsis:       wicontrol (and supporting calls) reveal hardware crypto key to any user
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Thu Aug 31 09:10:01 PDT 2000
>Closed-Date:
>Last-Modified:
>Originator:     Robert Watson
>Release:        FreeBSD 4.1-STABLE i386
>Organization:
NAI Labs at Network Associates
>Environment:

4.1-STABLE, using Wavelan wi driver, with hardware encryption enabled.

>Description:

wicontrol will show the hardware crypto key to any user.  Probably, 
release of the crypto key should occur only to a process with appropriate
privilege.  This cannot just be done in wicontrol, but must be done at
the ioctl used to retrieve the key, in kernel.  Access to the system
should not imply complete access to the network infrastructure.

>How-To-Repeat:

wicontrol -i wi0

>Fix:

Not attached.


>Release-Note:
>Audit-Trail:
>Unformatted:


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message


[prev in list] [next in list] [prev in thread] [next in thread]