FreeBSD 9.0-BETA3 released

FreeBSD is a UNIX-like operating system based on the University of California, Berkeley's "4.4BSD-Lite" release, with some "4.4BSD-Lite2" enhancements, targeting the i386, amd64, IA-64, arm, MIPS, powerpc, ppc64, PC-98, UltraSPARC and other platforms. It is also indirectly based on "386BSD", William Jolitz's port of UC Berkeley's "Net/2" to the i386, although very little of that code remains today. FreeBSD is used by companies, Internet service providers, researchers, computer professionals, students and home users around the world for work, education and entertainment. FreeBSD ships with more than 20,000 software packages: precompiled, packaged and easy to install, covering a broad range of applications such as server software, databases and web servers, desktop software, games, web browsers and business software, all of it free and easy to install.
Release notes:
http://lists.freebsd.org/pipermail/freebsd-stable/2011-September/064030.html
Download:
FreeBSD-9.0-BETA3-i386-dvd1.iso (500MB, SHA256)
FreeBSD-9.0-BETA3-amd64-dvd1.iso (610MB, SHA256)

FreeBSD-SA-11:05.unix

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-11:05.unix                                       Security Advisory
                                                          The FreeBSD Project

Topic:          Buffer overflow in handling of UNIX socket addresses

Category:       core
Module:         kern
Announced:      2011-09-28
Credits:        Mateusz Guzik
Affects:        All supported versions of FreeBSD.
Corrected:      2011-09-28 08:47:17 UTC (RELENG_7, 7.4-STABLE)
                2011-09-28 08:47:17 UTC (RELENG_7_4, 7.4-RELEASE-p3)
                2011-09-28 08:47:17 UTC (RELENG_7_3, 7.3-RELEASE-p7)
                2011-09-28 08:47:17 UTC (RELENG_8, 8.2-STABLE)
                2011-09-28 08:47:17 UTC (RELENG_8_2, 8.2-RELEASE-p3)
                2011-09-28 08:47:17 UTC (RELENG_8_1, 8.1-RELEASE-p5)
                2011-09-28 08:47:17 UTC (RELENG_9, 9.0-RC1)

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.

I.   Background

UNIX-domain sockets, also known as "local" sockets, are a mechanism for
interprocess communication.  They are similar to Internet sockets (and
utilize the same system calls) but instead of relying on IP addresses
and port numbers, UNIX-domain sockets have addresses in the local file
system address space.

II.  Problem Description

When a UNIX-domain socket is attached to a location using the bind(2)
system call, the length of the provided path is not validated.  Later,
when this address is returned via other system calls, it is copied into
a fixed-length buffer.
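The missing check described above, as an added example rather than FreeBSD's kernel code: a userland helper that treats the caller-supplied address length as the only bound on sun_path and refuses to copy a path that does not fit the fixed-size destination. The function names and the 300-byte sample address are constructed for this illustration.

```c
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <sys/un.h>

/* Copy the path out of a UNIX-domain socket address into a fixed-size
 * buffer. addrlen is the length the caller passed alongside the address
 * (as to bind(2)); it is the only trustworthy bound on how many bytes of
 * sun_path are present and may exceed sizeof(struct sockaddr_un).
 * Returns the path length, or -1 if the address is malformed or the path
 * would not fit in out together with its terminating NUL. */
int
copy_sun_path(const void *addr, socklen_t addrlen, char *out, size_t outlen)
{
	const size_t hdr = offsetof(struct sockaddr_un, sun_path);
	const struct sockaddr_un *sa = addr;
	const char *path, *nul;
	size_t avail, pathlen;

	if (addr == NULL || out == NULL || outlen == 0 || addrlen < hdr)
		return (-1);
	if (sa->sun_family != AF_UNIX)
		return (-1);
	path = (const char *)addr + hdr;
	avail = addrlen - hdr;               /* bytes of path actually supplied */
	nul = memchr(path, '\0', avail);     /* path ends at the first NUL ... */
	pathlen = nul ? (size_t)(nul - path) : avail;   /* ... or at addrlen */
	if (pathlen >= outlen)               /* would overflow the fixed buffer */
		return (-1);
	memcpy(out, path, pathlen);
	out[pathlen] = '\0';
	return ((int)pathlen);
}

/* Self-check on two constructed addresses: a normal one, and a 300-byte
 * address whose path never terminates (far longer than sun_path holds).
 * Returns 1 when the first copies cleanly and the second is refused. */
int
check_sun_path_handling(void)
{
	union { struct sockaddr_un sun; unsigned char raw[300]; } big;
	struct sockaddr_un sa;
	char out[sizeof(sa.sun_path)];

	memset(&sa, 0, sizeof(sa));
	sa.sun_family = AF_UNIX;
	strcpy(sa.sun_path, "/tmp/demo.sock");
	if (copy_sun_path(&sa, sizeof(sa), out, sizeof(out)) != 14 ||
	    strcmp(out, "/tmp/demo.sock") != 0)
		return (0);
	memset(big.raw, 'A', sizeof(big.raw));
	big.sun.sun_family = AF_UNIX;
	return (copy_sun_path(&big, sizeof(big), out, sizeof(out)) == -1);
}
```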

III. Impact

A local user can cause the FreeBSD kernel to panic.  It may also be
possible to execute code with elevated privileges ("gain root"), escape
from a jail, or to bypass security mechanisms in other ways.

IV.  Workaround

No workaround is available, but systems without untrusted local users
are not vulnerable.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 7-STABLE or 8-STABLE, or to
the RELENG_8_2, RELENG_8_1, RELENG_7_4, or RELENG_7_3 security
branch dated after the correction date.

2) To update your vulnerable system via a source code patch:

The following patch has been verified to apply to FreeBSD 7.4, 7.3,
8.2 and 8.1 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-11:05/unix.patch
# fetch http://security.FreeBSD.org/patches/SA-11:05/unix.patch.asc

b) Apply the patch.

# cd /usr/src
# patch < /path/to/patch

c) Recompile your kernel as described in
<URL:http://www.FreeBSD.org/handbook/kernelconfig.html> and reboot the
system.

3) To update your vulnerable system via a binary patch:

Systems running 7.4-RELEASE, 7.3-RELEASE, 8.2-RELEASE, or 8.1-RELEASE on
the i386 or amd64 platforms can be updated via the freebsd-update(8)
utility:

# freebsd-update fetch
# freebsd-update install

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

CVS:

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_7
  src/sys/kern/uipc_usrreq.c                                   1.206.2.13
RELENG_7_4
  src/UPDATING                                             1.507.2.36.2.5
  src/sys/conf/newvers.sh                                   1.72.2.18.2.8
  src/sys/kern/uipc_usrreq.c                               1.206.2.11.4.2
RELENG_7_3
  src/UPDATING                                             1.507.2.34.2.9
  src/sys/conf/newvers.sh                                  1.72.2.16.2.11
  src/sys/kern/uipc_usrreq.c                               1.206.2.11.2.2
RELENG_8
  src/sys/kern/uipc_usrreq.c                                    1.233.2.6
RELENG_8_2
  src/UPDATING                                             1.632.2.19.2.5
  src/sys/conf/newvers.sh                                   1.83.2.12.2.8
  src/sys/kern/uipc_usrreq.c                                1.233.2.2.2.2
RELENG_8_1
  src/UPDATING                                             1.632.2.14.2.8
  src/sys/conf/newvers.sh                                   1.83.2.10.2.9
  src/sys/kern/uipc_usrreq.c                                1.233.2.1.4.2
RELENG_9
  src/sys/kern/uipc_usrreq.c                                    1.244.2.2
- -------------------------------------------------------------------------

Subversion:

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/7/                                                         r225827
releng/7.4/                                                       r225827
releng/7.3/                                                       r225827
stable/8/                                                         r225827
releng/8.2/                                                       r225827
releng/8.1/                                                       r225827
stable/9/                                                         r225827
- -------------------------------------------------------------------------

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-11:05.unix.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk6C4nUACgkQFdaIBMps37J5lwCgnq8BUBWckn0ZKMcsK5IDKMDV
ocgAn0PwSvoKxjGY4dgHlM1M6xVM8OWz
=AO92
-----END PGP SIGNATURE-----

Original link: http://security.freebsd.org/advisories/FreeBSD-SA-11:05.unix.asc

FreeBSD-SA-11:04.compress.asc

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-11:04.compress                                   Security Advisory
                                                          The FreeBSD Project

Topic:          Errors handling corrupt compress file in compress(1)
                and gzip(1)

Category:       core
Module:         compress
Announced:      2011-09-28
Credits:        Tomas Hoger, Joerg Sonnenberger
Affects:        All supported versions of FreeBSD.
Corrected:      2011-09-28 08:47:17 UTC (RELENG_7, 7.4-STABLE)
                2011-09-28 08:47:17 UTC (RELENG_7_4, 7.4-RELEASE-p3)
                2011-09-28 08:47:17 UTC (RELENG_7_3, 7.3-RELEASE-p7)
                2011-09-28 08:47:17 UTC (RELENG_8, 8.2-STABLE)
                2011-09-28 08:47:17 UTC (RELENG_8_2, 8.2-RELEASE-p3)
                2011-09-28 08:47:17 UTC (RELENG_8_1, 8.1-RELEASE-p5)
                2011-09-28 08:47:17 UTC (RELENG_9, 9.0-RC1)
CVE Name:       CVE-2011-2895

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.

I.   Background

The compress utility reduces the size of files using adaptive Lempel-Ziv
coding, or LZW coding, a lossless data compression algorithm.

Both compress(1) and gzip(1) use code derived from 4.3BSD compress(1).

II.  Problem Description

The code used to decompress a file created by compress(1) does not do
sufficient boundary checks on compressed code words, allowing reference
beyond the decompression table, which may result in a stack overflow or
an infinite loop when the decompressor encounters a corrupted file.
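A simplified LZW decoder, added here as an illustration and not the code from compress(1) or gzip(1), showing the code-word boundary check the description says was missing: it rejects any code beyond the current end of the table instead of following it into memory outside the table. It omits the bit-packed input format and the clear code; lzw_decode, lzw_demo and the sample code streams are constructed for this example.

```c
#include <stddef.h>
#include <string.h>

#define NCHARS   256   /* codes 0..255 stand for the single bytes themselves */
#define MAXCODES 4096  /* 12-bit code space: the table never grows past it */

/* Decode LZW code words into out with a prefix/suffix table (the layout
 * compress(1) uses); returns the output length or -1 on a corrupt stream.
 * The check on `code` is the missing boundary check the advisory describes:
 * a code may only name an existing entry or the one about to be added. */
long
lzw_decode(const unsigned *codes, size_t ncodes, unsigned char *out, size_t outlen)
{
	unsigned short prefix[MAXCODES];
	unsigned char suffix[MAXCODES], stack[MAXCODES], first;
	unsigned next = NCHARS, prev, code, c;
	size_t i, sp, n = 0;

	for (c = 0; c < NCHARS; c++) suffix[c] = (unsigned char)c;
	if (ncodes == 0 || outlen == 0 || codes[0] >= NCHARS) return (-1);
	prev = codes[0];                     /* first code must be a literal */
	out[n++] = first = (unsigned char)prev;
	for (i = 1; i < ncodes; i++) {
		code = codes[i];
		if (code >= MAXCODES || code > next) return (-1);  /* past the table */
		if (code == next) {              /* KwKwK: prev string + its first byte */
			stack[0] = first; sp = 1; c = prev;
		} else { sp = 0; c = code; }
		while (c >= NCHARS) {            /* walk the prefix chain backwards */
			stack[sp++] = suffix[c];
			c = prefix[c];
		}
		stack[sp++] = first = (unsigned char)c;
		if (n + sp > outlen) return (-1);                   /* out too small */
		while (sp > 0) out[n++] = stack[--sp];
		if (next < MAXCODES) {           /* new entry: prev string + first byte */
			prefix[next] = (unsigned short)prev;
			suffix[next++] = first;
		}
		prev = code;
	}
	return ((long)n);
}

/* Constructed samples: "ABABABA" encodes to 65 66 256 258; in the second
 * stream code 300 is bogus, as only codes up to 256 exist at that point. */
long
lzw_demo(int corrupt)
{
	static const unsigned good[] = { 65, 66, 256, 258 }, bad[] = { 65, 300 };
	unsigned char out[16];
	long n = lzw_decode(corrupt ? bad : good, corrupt ? 2 : 4, out, sizeof(out));
	return (n == 7 && memcmp(out, "ABABABA", 7) != 0) ? -2 : n;
}
```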

III. Impact

An attacker who can cause a corrupt archive of his choice to be parsed
by uncompress(1) or gunzip(1) can cause these utilities to enter an
infinite loop, to core dump, or possibly to execute arbitrary code
provided by the attacker.

IV.  Workaround

No workaround is available, but systems not handling adaptive Lempel-Ziv
compressed files (.Z) from untrusted sources are not vulnerable.

V.   Solution

Perform one of the following:

1) Upgrade your vulnerable system to 7-STABLE or 8-STABLE, or to
the RELENG_8_2, RELENG_8_1, RELENG_7_4, or RELENG_7_3 security
branch dated after the correction date.

2) To update your vulnerable system via a source code patch:

The following patches have been verified to apply to FreeBSD 7.4, 7.3,
8.2 and 8.1 systems.

a) Download the relevant patch from the location below, and verify the
detached PGP signature using your PGP utility.

# fetch http://security.FreeBSD.org/patches/SA-11:04/compress.patch
# fetch http://security.FreeBSD.org/patches/SA-11:04/compress.patch.asc

b) Execute the following commands as root:

# cd /usr/src
# patch < /path/to/patch
# cd /usr/src/usr.bin/compress
# make obj && make depend && make && make install
# cd /usr/src/usr.bin/gzip
# make obj && make depend && make && make install

3) To update your vulnerable system via a binary patch:

Systems running 7.4-RELEASE, 7.3-RELEASE, 8.2-RELEASE, or 8.1-RELEASE on
the i386 or amd64 platforms can be updated via the freebsd-update(8)
utility:

# freebsd-update fetch
# freebsd-update install

VI.  Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

CVS:

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_7
  src/usr.bin/compress/zopen.c                                  1.12.10.1
  src/usr.bin/gzip/zuncompress.c                                  1.1.4.3
RELENG_7_4
  src/UPDATING                                             1.507.2.36.2.5
  src/sys/conf/newvers.sh                                   1.72.2.18.2.8
  src/usr.bin/compress/zopen.c                                  1.12.26.2
  src/usr.bin/gzip/zuncompress.c                              1.1.4.1.4.2
RELENG_7_3
  src/UPDATING                                             1.507.2.34.2.9
  src/sys/conf/newvers.sh                                  1.72.2.16.2.11
  src/usr.bin/compress/zopen.c                                  1.12.24.2
  src/usr.bin/gzip/zuncompress.c                              1.1.4.1.2.2
RELENG_8
  src/usr.bin/compress/zopen.c                                  1.12.22.2
  src/usr.bin/gzip/zuncompress.c                                  1.2.2.3
RELENG_8_2
  src/UPDATING                                             1.632.2.19.2.5
  src/sys/conf/newvers.sh                                   1.83.2.12.2.8
  src/usr.bin/compress/zopen.c                              1.12.22.1.6.2
  src/usr.bin/gzip/zuncompress.c                              1.2.2.1.6.2
RELENG_8_1
  src/UPDATING                                             1.632.2.14.2.8
  src/sys/conf/newvers.sh                                   1.83.2.10.2.9
  src/usr.bin/compress/zopen.c                              1.12.22.1.4.2
  src/usr.bin/gzip/zuncompress.c                              1.2.2.1.4.2
RELENG_9
  src/usr.bin/compress/zopen.c                                   1.16.2.2
  src/usr.bin/gzip/zuncompress.c                                  1.4.2.2
- -------------------------------------------------------------------------

Subversion:

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/7/                                                         r225827
releng/7.4/                                                       r225827
releng/7.3/                                                       r225827
stable/8/                                                         r225827
releng/8.2/                                                       r225827
releng/8.1/                                                       r225827
stable/9/                                                         r225827
- -------------------------------------------------------------------------

VII. References

http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2895

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-11:04.compress.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk6C4nIACgkQFdaIBMps37LymQCgmW2YYsSqvjxhiuHXt0bCcCgd
K5YAnA0/Z8++C6TKtUJ5Bzogd80a9OEd
=I+0k
-----END PGP SIGNATURE-----

Original link: http://security.freebsd.org/advisories/FreeBSD-SA-11:04.compress.asc

FreeBSD-SA-11:03.bind

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

=============================================================================
FreeBSD-SA-11:03.bind                                       Security Advisory
                                                          The FreeBSD Project

Topic:          Remote packet Denial of Service against named(8) servers

Category:       contrib
Module:         bind
Announced:      2011-09-28
Credits:        Roy Arends
Affects:        8.2-STABLE after 2011-05-28 and prior to the correction date
Corrected:      2011-07-06 00:50:54 UTC (RELENG_8, 8.2-STABLE)
CVE Name:       CVE-2011-2464

Note: This advisory concerns a vulnerability which existed only in
the FreeBSD 8-STABLE branch and was fixed over two months prior to the
date of this advisory.

For general information regarding FreeBSD Security Advisories,
including descriptions of the fields above, security branches, and the
following sections, please visit <URL:http://security.FreeBSD.org/>.

I. Background

BIND 9 is an implementation of the Domain Name System (DNS) protocols.
The named(8) daemon is an Internet Domain Name Server.

II. Problem Description

A logic error in the BIND code causes the BIND daemon to accept bogus
data, which could cause the daemon to crash.

III. Impact

An attacker able to send traffic to the BIND daemon can cause it to
crash, resulting in a denial of service.

IV. Workaround

No workaround is available, but systems not running the BIND name server
are not affected.

V. Solution

Upgrade your vulnerable system to 8-STABLE dated after the correction
date.

VI. Correction details

The following list contains the revision numbers of each file that was
corrected in FreeBSD.

CVS:

Branch                                                           Revision
  Path
- -------------------------------------------------------------------------
RELENG_8
  src/contrib/bind9/lib/dns/message.c                             1.3.2.3
- -------------------------------------------------------------------------

Subversion:

Branch/path                                                      Revision
- -------------------------------------------------------------------------
stable/8/                                                         r223815
- -------------------------------------------------------------------------

VII. References

http://www.isc.org/software/bind/advisories/cve-2011-2464
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2011-2464

The latest revision of this advisory is available at
http://security.FreeBSD.org/advisories/FreeBSD-SA-11:03.bind.asc
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v2.0.18 (FreeBSD)

iEYEARECAAYFAk6C4CYACgkQFdaIBMps37LwQgCeIDVGsCWOLoVdmWogOOaPC1UG
9G8AoJPlRbNmkEWMg7uoOYrvjWlRRdlK
=aUvD
-----END PGP SIGNATURE-----

Original link: http://security.freebsd.org/advisories/FreeBSD-SA-11:03.bind.asc

How to use a removable hard disk on FreeBSD

Summary

This wiki page describes how to use a USB removable hard disk on a FreeBSD system.

Different ways of using a removable disk on FreeBSD

Strictly speaking, FreeBSD itself provides only one way to use a removable hard disk, but many desktop users also run X.

X also provides a way to mount removable disks; for example, I use Xorg+GNOME, so I can also use HALD to mount a removable disk.

Here we only cover mounting a removable disk with the method the FreeBSD system itself provides.

Basic steps

Using a removable hard disk on FreeBSD is not complicated; only a few basic configuration steps are needed.

Adding kernel support

Obviously, whatever device you use, you need to add support for it to the kernel (either compiled in or as a module).

Here we are using a USB hard disk, so we need to add support for USB devices.

In short, you need to add the following to your kernel configuration file:

device scbus
device da
device pass
device uhci
device ohci
device ehci
device usb
device umass

Users of the default kernel can ignore this step, because the default kernel already supports USB devices.

See the FreeBSD Handbook for details.

After the steps above, your system will recognize your removable disk.

Partitioning the removable disk

How to partition is up to the user; here we only describe using the UFS file system.

Plug in the removable disk, then run sysinstall as root.
Configure → Fdisk → set up the slice layout you prefer. For example, my whole removable disk uses UFS, so I simply choose Use Entire Disk; then choose Write Changes; then choose Do not install a boot manager; then exit sysinstall.

Run sysinstall again (note that I said run sysinstall again).
Configure → Label → set up the partition layout you prefer, and finally choose Write.

Note that in this step you must set a mount point for each newly created partition. It is best to choose a mount point under /tmp; if you choose one under the root directory, the system will create a directory there, although you can of course delete that useless directory yourself.

If your rc.conf contains the following line, the system cleans the /tmp directory automatically at boot:

clear_tmp_enable="YES"

My layout is a single slice spanning the whole removable disk, with 3 partitions inside that slice.

These correspond to the following entries under /dev:

da0
da0s1
da0s1d
da0s1e
da0s1f

Mounting as an ordinary user

In most cases nobody uses the root account for daily work, so we need to be able to mount and unmount the removable disk as an ordinary user.

Add the following to /etc/devfs.rules:
[localrules=5]
add path 'da*' mode 0660 group operator

This tells the system that members of the operator group may mount the disk.

Note that this goes in /etc/devfs.rules, not /etc/devfs.conf. The latter controls devices that already exist at boot; the former controls hot-pluggable devices.

Add the following to /etc/rc.conf:
devfs_system_ruleset="localrules"

This tells the system to use the ruleset defined in /etc/devfs.rules.

Add the following to /etc/sysctl.conf:
vfs.usermount=1

This tells the system that ordinary users may mount file systems.

Setting permissions on the removable disk partitions
Setting permissions is simple: create your own directories under /mnt to mount your removable disk partitions on. For example, my /mnt contains 5 directories:

> ls /mnt/
fender_01    fender_02    fender_03    fender_04    fender_05

First, as root, manually mount the removable disk partitions on fender_01, fender_02 and fender_03.

# cd /mnt/
# mount /dev/da0s1d fender_01
# mount /dev/da0s1e fender_02
# mount /dev/da0s1f fender_03

Then set the ownership of the three directories fender_01, fender_02 and fender_03.

# cd /mnt/
# chown fender:operator *

Note that the user fender is a member of the operator group:

# pw group mod operator -m fender

After the steps above you can mount the removable disk as the user fender.

Preventing HALD from mounting the removable disk

Since this article set out to use the basic method FreeBSD provides for mounting removable disks, we also need to stop HALD from mounting them.

To block it, go to the directory /usr/local/share/hal/fdi/preprobe/20thirdparty and create a file da.fdi containing:
<?xml version="1.0" encoding="UTF-8"?>
<deviceinfo version="0.2">
  <device>
    <match key="freebsd.driver" string="da">
      <match key="freebsd.unit" int="0">
        <merge key="info.ignore" type="bool">true</merge>
      </match>
    </match>
  </device>
</deviceinfo>

This file prevents HALD from mounting the removable disk.

Create a file acd.fdi containing:
<?xml version="1.0" encoding="UTF-8"?>
<deviceinfo version="0.2">
  <device>
    <match key="freebsd.driver" string="acd">
      <match key="freebsd.unit" int="0">
        <merge key="info.ignore" type="bool">true</merge>
      </match>
    </match>
  </device>
</deviceinfo>

This file prevents HALD from mounting my CD-ROM drive (not much to do with the removable disk).

If you have not installed X, you can simply skip this step.

Writing a script to mount and unmount

Once everything is set up, write a script so you don't have to type the commands every day; for one thing it's tedious, and for another the people around you look at you strangely (look at that weirdo, he has to show off by typing on the keyboard for ages just to use a removable disk, what a poser).

> cd
> cd bin/
> cat mount_rhd.sh
#! /bin/sh
mount /dev/da0s1d /mnt/fender_01;
mount /dev/da0s1e /mnt/fender_02;
mount /dev/da0s1f /mnt/fender_03;
> cat umount_rhd.sh
#! /bin/sh
sync;
umount /mnt/fender_01;
umount /mnt/fender_02;
umount /mnt/fender_03;

Of course, these scripts should live somewhere your shell can find them; for example, I put mine in bin under my home directory and add that bin to my shell's search path.

One last little joke: don't think the first cd command in that last listing is superfluous; that cd takes me back to my home directory.

Original link: http://wiki.freebsdchina.org/doc/b/removable_disk_usage

FreeBSD 9.0-BETA2 released

Release notes:
http://lists.freebsd.org/pipermail/freebsd-stable/2011-September/063841.html

Download:
FreeBSD-9.0-BETA2-i386-dvd1.iso (498MB, SHA256)
FreeBSD-9.0-BETA2-amd64-dvd1.iso (607MB, SHA256)