Re: [freenet-support] SECURITY!?! - many images/html/... files in /tmp - Security?
In message [EMAIL PROTECTED], thomas [EMAIL PROTECTED] writes Hi, once again: My fproxy (linux) runs on the Internet-Gateway I use the fproxy vom the internal network with a linux box and NS4.x. I have not started a browser on the box where the fproxy runs. I have tested again now. - Start fproxy - connect from a remote PC to the fproxy - try to browse some freenet sites - In the /tmp directory on the fproxy box i found many t** files - a file /tmp/t??? shows me that these files includes html/jpg/gif - i copy these files to the internal linux box and browse these files with konqueror. It shows me the same pages/images i have browsed before with the NS and fproxy. So, whats going on there!?! Snip less clear exposition and discussion of the problem That is truly inexplicable. My only comment is that it is probably not Freenet that is writing the files. You might try opening a Freenet site in your browser, leaving it open, then going to the fproxy box, finding the latest /tmp/t**, and then looking somewhere relevant in /proc to see which program has the /tmp/t** file open. -- Roger Hayter ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] SECURITY!?! - many images/html/... files in /tmp - Security?
Hello, i have done it. Here is the output of lsof | grep tmp java 22752 root 31w REG3,6 57219 103492 /tmp/t30a154f2 java 22755 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22758 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22759 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22760 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22761 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22762 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22763 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22764 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22765 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22766 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22785 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22792 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22794 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22795 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22796 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22797 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22798 root 31r REG3,6 72133 103492 /tmp/t30a154f2 .. ... The only java process wich is running is freenet(fproxy). I have NOT set any debug options. Regards, Thomas Zitat von Roger Hayter [EMAIL PROTECTED]: In message [EMAIL PROTECTED], thomas [EMAIL PROTECTED] writes Hi, once again: My fproxy (linux) runs on the Internet-Gateway I use the fproxy vom the internal network with a linux box and NS4.x. I have not started a browser on the box where the fproxy runs. I have tested again now. - Start fproxy - connect from a remote PC to the fproxy - try to browse some freenet sites - In the /tmp directory on the fproxy box i found many t** files - a file /tmp/t??? shows me that these files includes html/jpg/gif - i copy these files to the internal linux box and browse these files with konqueror. It shows me the same pages/images i have browsed before with the NS and fproxy. So, whats going on there!?! Snip less clear exposition and discussion of the problem That is truly inexplicable. My only comment is that it is probably not Freenet that is writing the files. You might try opening a Freenet site in your browser, leaving it open, then going to the fproxy box, finding the latest /tmp/t**, and then looking somewhere relevant in /proc to see which program has the /tmp/t** file open. -- Roger Hayter ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support - This mail sent through IMP: http://horde.org/imp/ ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
[freenet-support] Today's build.
I have different proxy pages on two server the fisrt running today's build, the second the day before build. The links on the pages are different. Both nodeinfo show bild 495, cvs 1.57 Some problem in committing new version ? Ciao. Marco -- + il Progetto Freenet - segui il coniglio bianco+ * the Freenet Project - follow the white rabbit* * Marco A. Calamari[EMAIL PROTECTED] www.marcoc.it* * PGP RSA: ED84 3839 6C4D 3FFE 389F 209E 3128 5698 * + DSS/DH: 8F3E 5BAE 906F B416 9242 1C10 8661 24A9 BFCE 822B + ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] SECURITY!?! - many images/html/... files in /tmp - Security?
You seem to have discovered a very worrying problem! If Freenet deposits plain text versions of everything you look at here and there, it can't be good for deniability. Are these /tmp files only of things you have collected by fproxy, or of other things passing through the node? I certainly don't get any of them. I think we need some help from the Freenet PTB here, if any of them are passing. -- Roger Hayter In message [EMAIL PROTECTED], thomas [EMAIL PROTECTED] writes Hello, i have done it. Here is the output of lsof | grep tmp java 22752 root 31w REG3,6 57219 103492 /tmp/t30a154f2 java 22755 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22758 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22759 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22760 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22761 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22762 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22763 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22764 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22765 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22766 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22785 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22792 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22794 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22795 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22796 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22797 root 31r REG3,6 72133 103492 /tmp/t30a154f2 java 22798 root 31r REG3,6 72133 103492 /tmp/t30a154f2 .. ... The only java process wich is running is freenet(fproxy). I have NOT set any debug options. Regards, Thomas Zitat von Roger Hayter [EMAIL PROTECTED]: In message [EMAIL PROTECTED], thomas [EMAIL PROTECTED] writes Hi, once again: My fproxy (linux) runs on the Internet-Gateway I use the fproxy vom the internal network with a linux box and NS4.x. I have not started a browser on the box where the fproxy runs. I have tested again now. - Start fproxy - connect from a remote PC to the fproxy - try to browse some freenet sites - In the /tmp directory on the fproxy box i found many t** files - a file /tmp/t??? shows me that these files includes html/jpg/gif - i copy these files to the internal linux box and browse these files with konqueror. It shows me the same pages/images i have browsed before with the NS and fproxy. So, whats going on there!?! Snip less clear exposition and discussion of the problem That is truly inexplicable. My only comment is that it is probably not Freenet that is writing the files. You might try opening a Freenet site in your browser, leaving it open, then going to the fproxy box, finding the latest /tmp/t**, and then looking somewhere relevant in /proc to see which program has the /tmp/t** file open. -- Roger Hayter ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support - This mail sent through IMP: http://horde.org/imp/ ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
[freenet-support] (no subject)
This is all guess work as an observer with little knowledge of the theory or practice of Freenet code. I'm not particularly surprised that files from freenet sites would turn up on one's computer. Unless the freenet code contained it's own browser this seems an almost certainty. I'm using a Windows 2K system with Earthlink.net access. The browser provided by the latter largely calls segments of regular Window browser for it's work. Windows is noted for putting convenience (so long as that is not a problem to MS) above security until someone with a very broad-band voice complains. But without freenet providing it's own "secure" browser, one would suspect that most of the other browsers would leave local tell-tales. Surely many have noticed that a second call to the same site (which has given up) will almost always load some of the graphics (and text even quicker)much faster the second time. This implies they are laying around ready to be accessed again by the browser. Recently I was hunting something and found that the search function of Windows is quite capable of pointing to items in the cache (even though it looks quite meaningless if one opens such a folder directly). And it appears that one can copy that file found by search into another location. I'm sure those who regularly try to extract material from confiscated (or even sold) disks know this. That is, it appears that Windows provides the code to break the packing, but that is expected since the browser (or other functions) need to examine items that have been downloaded to the local machine. And of course, if you have a browser that's not broken (as is my Windows currently) one can extract HTML source code (Netscape and Mozilla can do this just fine) so one too should be able to transfer graphic files from Internet folders even though they look cryptic. The cheap solution (not in time) might well be to keep an inventory of what is being downloaded by Freenet and then promptly delete those files as soon as the Browser has finished it's work, but does Freenet currently know the final name or location of these files before it sends them to the Browser? Does it have access to that information immediately after the Browser finishes? What happens if on closes the Browser without returning to Freenet GUI? --- Nicholas Sturm --- [EMAIL PROTECTED] ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] SECURITY!?! - many images/html/... files in /tmp - Security?
thomas ([EMAIL PROTECTED]) wrote: - Start fproxy - connect from a remote PC to the fproxy - try to browse some freenet sites - In the /tmp directory on the fproxy box i found many t** files - a file /tmp/t??? shows me that these files includes html/jpg/gif Wow -- you're right. There are definitely files being created by the user ID that runs the freenet node (*not* the web browser, as I thought) in /tmp. I have no idea what these files are used for. For whatever it's worth, on my node, all of the files in /tmp are less than 10 minutes old. Thanks for bringing this to my attention (even though I'm not a Java programmer and therefore can't do much about it). -- Greg Wooledge | Truth belongs to everybody. [EMAIL PROTECTED] |- The Red Hot Chili Peppers http://wooledge.org/~greg/ | msg01009/pgp0.pgp Description: PGP signature
Re: [freenet-support] SECURITY!?! - many images/html/... files in /tmp - Security?
In message [EMAIL PROTECTED], Greg Wooledge [EMAIL PROTECTED] writes thomas ([EMAIL PROTECTED]) wrote: - Start fproxy - connect from a remote PC to the fproxy - try to browse some freenet sites - In the /tmp directory on the fproxy box i found many t** files - a file /tmp/t??? shows me that these files includes html/jpg/gif Wow -- you're right. There are definitely files being created by the user ID that runs the freenet node (*not* the web browser, as I thought) in /tmp. I have no idea what these files are used for. For whatever it's worth, on my node, all of the files in /tmp are less than 10 minutes old. Thanks for bringing this to my attention (even though I'm not a Java programmer and therefore can't do much about it). If they don't last very long, that's probably why no-one has noticed it before. I suppose it is pretty inevitable that the plain text of a Freenet request is going to exist on the machine Freenet is running on in some form or other, but actually leaving it in /tmp seems worrying. I hope no-one thought contacting fproxy on someone else's server was in any way anonymous, but this confirms it is trivially easy to read such traffic. -- Roger Hayter ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support
Re: [freenet-support] SECURITY!?! - many images/html/... files in /tmp - Security?
At 12:34 AM 08/21/2002 +0100, Roger Hayter wrote: In message [EMAIL PROTECTED], Greg Wooledge [EMAIL PROTECTED] writes thomas ([EMAIL PROTECTED]) wrote: - Start fproxy - connect from a remote PC to the fproxy - try to browse some freenet sites - In the /tmp directory on the fproxy box i found many t** files - a file /tmp/t??? shows me that these files includes html/jpg/gif Wow -- you're right. There are definitely files being created by the user ID that runs the freenet node (*not* the web browser, as I thought) in /tmp. I have no idea what these files are used for. For whatever it's worth, on my node, all of the files in /tmp are less than 10 minutes old. Thanks for bringing this to my attention (even though I'm not a Java programmer and therefore can't do much about it). If they don't last very long, that's probably why no-one has noticed it before. I suppose it is pretty inevitable that the plain text of a Freenet request is going to exist on the machine Freenet is running on in some form or other, but actually leaving it in /tmp seems worrying. I hope no-one thought contacting fproxy on someone else's server was in any way anonymous, but this confirms it is trivially easy to read such traffic. -- Roger Hayter You might want to take a look at freenet.support.FileBucket. I think the culprit you are looking for is the no-arg constructor. It creates a file bucket in a temporary directory. There are a few System properties and a couple (Linux and Windows) OS-specific hardcodings in there governing where to put the files that are created by the no-arg constructor. There is a finalizer which will delete any new files created by the FileBucket, but finalizers are not guaranteed to run, so it's not exactly 100%. The finalizer is probably why the files don't live very long--at least until you shut down your node abruptly (cuz there ain't no other way to do it :/) You might want to set one of the system properties for the JVM running your node that are mentioned in the code to force these files to a specific location so they can be easily cleaned up manually in case the finalizer didn't get a chance to do that. From a quick grep, I found three places where this consturctor is used (there could be more depending on line breaks, etc.): --freenet.client.cli.CLI --freenet.client.http.FproxyServlet --freenet.crypt.ProgressiveHashInputStream Ed ___ support mailing list [EMAIL PROTECTED] http://hawk.freenetproject.org/cgi-bin/mailman/listinfo/support