Thanks security-conscious Dustin Kirkland for this great bash script
("I've insisted on shell here for transparency! - Dustin ")
and other contributions like NSA's SELinux or security sensible
software like Pollinate (Entropy-as-a-Service in the cloud) via
https://entropy.ubuntu.com
Packing so many sensible info inside User-Agent sent daily by default
from all Ubuntu to https://motd.ubuntu.com is brillant!
less /etc/update-motd.d/50-motd-news
```
# 50-motd-news - print the live news from the Ubuntu wire
# Copyright (C) 2016-2017 Canonical Ltd.
# Copyright (C) 2016-2017 Dustin Kirkland
##############################################################################
# This program could be rewritten in C or Golang for faster performance.
# Or it could be rewritten in Python or another higher level language
# for more modularity.
# However, I've insisted on shell here for transparency!
# - Dustin
##############################################################################
# Curl browser version, for debug purposes
curl_ver="$(dpkg -l curl | awk '$1 == "ii" { print($3); exit(0); }')"
# Distribution version, for messages releated to this Ubuntu release
. /etc/lsb-release
lsb=$(echo "$DISTRIB_DESCRIPTION" | sed -e "s/ /\//g")
codename="$DISTRIB_CODENAME"
# Kernel version and CPU type, for messages related to a particular revision or
hardware
platform="$(uname -o)/$(uname -r)/$(uname -m)"
arch="$(uname -m)"
cpu="$(grep -m1 "^model name" /proc/cpuinfo | sed -e "s/.*: //" -e
"s:\s\+:/:g")"
cloud_id="unknown"
if [ -x /usr/bin/cloud-id ]; then
/usr/bin/cloud-id > "$CLOUD" 2>/dev/null
if [ $? -eq 0 ]; then
# sanitize it a bit, just in case
cloud_id=$(cut -c -40 "${CLOUD}" | tr -c -d '[:alnum:]')
if [ -z "${cloud_id}" ]; then
cloud_id="unknown"
fi
fi
fi
# Some messages may only be pertinent before or after some amount of uptime
read up idle < /proc/uptime
uptime="uptime/$up/$idle"
# Piece together the user agent
USER_AGENT="curl/$curl_ver $lsb $platform $cpu $uptime cloud_id/$cloud_id"
...
# Fetch and print the news motd
if curl --connect-timeout "$WAIT" --max-time "$WAIT" -A "$USER_AGENT"
-o- "$u" >"$NEWS" 2>"$ERR"; then
```
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/1867424
Title:
motd-news transmitting private hardware data without consent or
knowledge in background
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/base-files/+bug/1867424/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
