From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mail-qt1-x829.google.com (mail-qt1-x829.google.com [IPv6:2607:f8b0:4864:20::829]) (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits)) (No client certificate requested) by lists.bufferbloat.net (Postfix) with ESMTPS id E19E63B2A4 for ; Sun, 16 Dec 2018 22:02:58 -0500 (EST) Received: by mail-qt1-x829.google.com with SMTP id t33so9852780qtt.4 for ; Sun, 16 Dec 2018 19:02:58 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc:content-transfer-encoding; bh=y+EfNfO+Bmd6ZSXKNi60ncN5HBVtrrY7zDbIfyDEHY4=; b=It+Sq9faCFf8CqdmL+g9jc9bplIOok0ltuDFdBfGtqLCOfauloDWLkBC4eE0lhoOc7 Eq5WCcbm8m42LRFACVdVTzOuKfv7Et3QBEuHeloke99QqGuqX6UqU94xosHSfrtYPSCq LGUXgpFCYwJfVlKm+ou2qMFdALe2w7n5wZCphKI2jAXMKI/Bkthx+1vsGeydBeZqpr1d KGu5AwO1k8kblUSQO8u7f38TOzBu2LqQ6X7AIlfDEk87VQdg/nQsElCdZrAMmKzCT42D wHKkdaYwViOmUHG+8smfc5FJXDGG4jIkAtJqIxqmzyAk2+BwjuIs6NBvWKwge9pTOd3p t3bA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc:content-transfer-encoding; bh=y+EfNfO+Bmd6ZSXKNi60ncN5HBVtrrY7zDbIfyDEHY4=; b=bzTMR51UopS9CkIKWBdmToIt0y98CwHh+dAnOhH4XLOxYIdd9TfD2MNOXR6kWqQJZB S3+SCLCmxc/iQeu+U10QIoexLaFj+aAHIzDZKWZytMz+P5ObNuPZRsdmyYKkxlZf98ap g43I05ECLmvz8pY5mgZQTs5Xp5ydiwI98sHZWm0HWr9fncFs51LJtk1z9jtn2G1/5qhf dDZ8jg6vnmmV1t7w5Af9topkKb8vGeeJYUKO0mFhZRowp7mn/aMo/otNXCDfbShnOdfT AjVPVy8U0eb9rG5dL5iC26J0au1DxCWp2gNTevDF24bTEiyBTrNUEAESjh+bGAwHDkeC HS2A== X-Gm-Message-State: AA+aEWaEG9SfSJt+XpId2SQatLC5rvh3/wTKSjIEb90vzkFTRupZCJRE fqPn2s+1vYyUCq1EZtyp/K3JFG3YqPtJr14pr8Q= X-Google-Smtp-Source: AFSGD/VAK7tuiIFujBSX2U/ccu7Tic3abr6DjkI8wTobgh8TSb2fqcaIMmStRKmaC5i8ivMUQPXr80tZjdJEgVu1vqM= X-Received: by 2002:ac8:5314:: with SMTP id t20mr11592739qtn.328.1545015778304; Sun, 16 Dec 2018 19:02:58 -0800 (PST) MIME-Version: 1.0 References: <1545007270.738911348@apps.rackspace.com> In-Reply-To: From: Dave Taht Date: Sun, 16 Dec 2018 19:02:46 -0800 Message-ID: To: "David P. Reed" Cc: Dave Taht , cerowrt-devel Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable Subject: Re: [Cerowrt-devel] Hmmm... Worth reading re router security X-BeenThere: cerowrt-devel@lists.bufferbloat.net X-Mailman-Version: 2.1.20 Precedence: list List-Id: Development issues regarding the cerowrt test router project List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Mon, 17 Dec 2018 03:02:59 -0000 The mips stack is not executable on this ----------------------------------------------------- OpenWrt 18.06.1, r7258-5eb055306f ----------------------------------------------------- root@edgerouterx:~# cat /proc/self/maps 00400000-0044c000 r-xp 00000000 fe:00 870 /bin/busybox 0045b000-0045c000 r-xp 0004b000 fe:00 870 /bin/busybox 0045c000-0045d000 rwxp 0004c000 fe:00 870 /bin/busybox 77ee7000-77f0a000 r-xp 00000000 fe:00 1014 /lib/libgcc_s.so.1 77f0a000-77f0b000 rwxp 00013000 fe:00 1014 /lib/libgcc_s.so.1 77f0b000-77f9d000 r-xp 00000000 fe:00 993 /lib/libc.so 77fa9000-77fab000 r--p 00000000 00:00 0 [vvar] 77fab000-77fac000 r-xp 00000000 00:00 0 [vdso] 77fac000-77fae000 rwxp 00091000 fe:00 993 /lib/libc.so 77fae000-77fb0000 rwxp 00000000 00:00 0 7f831000-7f852000 rw-p 00000000 00:00 0 [stack] 7ffff000-80000000 rwxp 00000000 00:00 0 On Sun, Dec 16, 2018 at 4:55 PM Dave Taht wrote: > > Why is it so hard for a group like this to ALSO take a hard look at openw= rt? > > I don't recall what compiler was used for 18.06, but my kernel is 4.14 > at least.... > > friends don't let friends run factory firmware. All that said, I have > no idea if present-day, prior-day openwrt currently addresses all the > concerns in this report, and I forwarded it to the openwrt-devel list. > > I'd tried to get ahold of mudge and co dozens of times in the last 7 > years. Glad they finally paid attention. > > On Sun, Dec 16, 2018 at 4:41 PM David P. Reed wrote= : > > > > A look at home routers, and a surprising bug in Linux/MIPS - https://cy= ber-itl.org/2018/12/07/a-look-at-home-routers-and-linux-mips.html > > > > > > > > _______________________________________________ > > Cerowrt-devel mailing list > > Cerowrt-devel@lists.bufferbloat.net > > https://lists.bufferbloat.net/listinfo/cerowrt-devel > > > > -- > > Dave T=C3=A4ht > CTO, TekLibre, LLC > http://www.teklibre.com > Tel: 1-831-205-9740 --=20 Dave T=C3=A4ht CTO, TekLibre, LLC http://www.teklibre.com Tel: 1-831-205-9740