Hi, Updated kernel option signed_exec patches for FreeBSD 4.6 Release are available from: http://www.trojanproof.org/sigexec-fbsd4.6r-0.1.tgz The relevant CVS revisions are: $FreeBSD: src/sys/i386/conf/GENERIC,v 1.246.2.42 2002/05/04 06:47:24 msmith Exp $ $FreeBSD: src/sys/conf/options,v 1.191.2.40 2002/04/30 17:48:08 tmm Exp $ $FreeBSD: src/sys/kern/kern_exec.c,v 1.107.2.14 2002/04/21 13:06:23 nectar Exp $ $FreeBSD: src/sys/kern/kern_linker.c,v 1.41.2.3 2001/11/21 17:50:35 luigi Exp $ Note that this is our original inline reference code simply updated for FreeBSD 4.6 and not the new V2 code which is still available as a beta only for OpenBSD 3.1 Release. We are working on a FreeBSD upgrade to the V2 code. Also Note that to apply these patches to the 4.6 Stable branch as of this date the /sys/i386/conf/GENERIC file in stable has been updated to 1.246.2.43 Simply do not apply the GENERIC.diff patch we have supplied if your tracking stable and instead make sure to add the following option to your kernel config file: options SIGNED_EXEC #md5 signature check exec Regards, Mike. -- Michael A. Williams Security Software Engineering and InfoSec Manager NetXSecure NZ Limited, http://www.nxs.co.nz Ph: +64.3.318.2973 Fax: +64.3.318.2975 Mob: +64.21.995.914
This archive was generated by hypermail 2b30 : Wed Jun 26 2002 - 16:04:09 PDT