Bug 165283. Remove reference to Mac OS from help file.
This commit is contained in:
Jim Norman
parent
abacf42fa4
commit
98c2441e08
67
CASA.changes
67
CASA.changes
@ -1,3 +1,70 @@
|
||||
-------------------------------------------------------------------
|
||||
Wed Apr 26 16:17:00 MST 2006 - jnorman@novell.com
|
||||
- Bug 165283. Remove reference to Mac OS from help file.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Apr 26 15:50:00 MST 2006 - jnorman@novell.com
|
||||
- Security Audit Recap:
|
||||
- Item 4.1, File: c_micasad/lss/Rfc2898DeriveBytes.c
|
||||
1. This item is awaiting licensing on a portable random number
|
||||
generator received through a contribution to the the project.
|
||||
- Item 4.2 File: c_micasad/cache/KeyValue.c
|
||||
1. Fix is in line 202 of the file. We improved XOR algorithm by
|
||||
increasing the size of the key to equate the value.
|
||||
- Item 4.3 File: c_micasad/lss/LocalStorage.cs
|
||||
1. Now files are checked for ownership before being removed.
|
||||
New methods added and there are changes through out the file to support this.
|
||||
- Item 4.4 File: c_micasad/lss/CASACrypto.cs
|
||||
1. IV fix will be checked in as soon as the item No. 1 above is approved.
|
||||
2. For this item now we testing the file to make sure it is not a
|
||||
symbolic link. (line 454, 455 in the file.)
|
||||
3. This was a low priority item and we are investigating this.
|
||||
4. This function was not used hence removed.
|
||||
5. The default behavior of the file creation was modified to set the
|
||||
rights at creation time.
|
||||
- Item 5.1 File: c_micasad/communication/UnixCommunication
|
||||
1. This was fixed by checking to see if the root was not the owner
|
||||
of the socket to remove the file.
|
||||
- Item 5.2 File: c_micasad/lib/communication/UnixIPCClientChannel.cs
|
||||
1. This was fixed by validating the owner of the socket before use.
|
||||
- Item 5.3 File: c_micasad/lib/communication/UnixIPCClientChannel.cs
|
||||
1. This was fixed by validating the buffer size before allocation of memory.
|
||||
- Item 5.4 File: c_micasad/lss/CASACrypto.cs
|
||||
1. This was fixed by checking for minimum length.
|
||||
2. We can't check for upper limit for memory for maximum file size because
|
||||
we don't know how big the file can get. System will swap the pages out
|
||||
of the cache if it gets big and those pages are fragments of the encrypted
|
||||
cache. The original decrypted cache will be subject to garbage collection
|
||||
by Mono or .Net. We have added the forced garbage collection after
|
||||
finishing the decryption operation.
|
||||
- Item 5.5 File: c_micasad/verbs/ObjectSerializtion.cs
|
||||
1. The memory size checks have been added to the code for validation.
|
||||
- Item 5.6 File: c_micasad/verbs/OpenSecretStore.cs
|
||||
1. The buffer size validation is added.
|
||||
2. MsgId 0x1001 is not correct.
|
||||
- Item 5.7 File: c_micasad/verbs/SetMasterPasscode.cs
|
||||
1. The buffer size validation is added.
|
||||
- Item 5.8 File: c_micasad/common/SessionManager.cs
|
||||
1. We are running as root so $PATH is root's $PATH.
|
||||
2. We can go through he while loop twice that is the reason we used the loop.
|
||||
- Item 5.9 File: c_micasad/sscs_ndk.c
|
||||
1. All of the instances of strcpy, strcmp, strcat, strlen, were replaced
|
||||
with strncpy, strncmp, strncat and strlen was eliminated.
|
||||
2. TheUtf8 macros were modified to force a null at the end of the string
|
||||
buffer where the length was declared.
|
||||
3. All of the buffer lengths for upper bounds are being validated before use.
|
||||
4. sscsshs_ChkEscapeString was fixed.
|
||||
- Item 5.10 File: auth_token/kbr5_token/linux/get.c
|
||||
1. This file is not build as a part of CASA 1.6 yet and is supposed to be
|
||||
completed and shipped in CASA 1.7. The fix will be applied later.
|
||||
- Item 5.11 File: c_micasacache/sscs_ipc
|
||||
1. Handling of the end files has been added to the code.
|
||||
- Item 5.12 File: c_micasacache/sscs_unx_ipc_client.c
|
||||
1. Tokenize function has been fixed.
|
||||
2. Validation of the buflen is added where applicable.
|
||||
- Item 5.13 File: c_adlib/ad_gk/native.c
|
||||
1. The validation of the buffer length has been added to the code.
|
||||
|
||||
-------------------------------------------------------------------
|
||||
Wed Apr 26 15:39:00 MST 2006 - jnorman@novell.com
|
||||
- Security Audit 5:13. Use proper length on strncpy.
|
||||
|
||||
@ -21,8 +21,8 @@
|
||||
<!--Remove this section if you do not need introductory text for this topic -->
|
||||
<p class="margintop2">Common Authentication Service Adapter (CASA) is the common
|
||||
cross-platform foundation for authentication and single sign-on services for
|
||||
Novell® Linux* Desktop, Microsoft* Windows*, and Macintosh* OS 10 operating
|
||||
systems. CASA Manager is the graphical user interface that enables you to access
|
||||
Novell® Linux* Desktop and Microsoft* Windows* operating systems.
|
||||
CASA Manager is the graphical user interface that enables you to access
|
||||
and manage the authentication credentials (secrets) of the programs and services
|
||||
installed on any of these platforms.</p>
|
||||
<p class="margintop2">This Help file contains the following topics:</p>
|
||||
|
||||
Loading…
Reference in New Issue
Block a user