Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679

Scott Long wrote:
Kevin Oberman wrote:
Date: Fri, 24 Nov 2006 15:58:39 -0700
From: Scott Long <scottl@xxxxxxxxxx>
Sender: owner-freebsd-stable@xxxxxxxxxxx

David Malone wrote:

These two bugs are shown for FreeBSD only and I guess, Solaris and
other BSDs still use UFS. Are they more robust against this
exploit or type of exploit?

I don't know of a concerted effort by anyone to improve UFS in this
way. I would guess that the odd bug would have been resolved, but
no large scale work.

David.
Another thing to keep in mind is that filesystem mounting is only
available to the super-user. If a feature came along such as
automatically mounting USB drives, these bugs would indeed be critical.
But for now, they are not.

Not on the base system, but Gnome 2.16 with hald running will mount a
removable device automatically. The standard configuration of Gnome runs
hald. Allowing user mounts of removable media is even formalized by the
addition of /media to hier(7). I'm not sure this should simply be
treated as not being significant.

Would it be possible to restrict Gnome to only auto-mounting msdos and
cd9660 filesystems?

Scott

_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"
Sorry, if my question may sound heretic, but wouldn't it be more
sophisticated solving the problem instead of disabling everything what
could trigger the bug?

Look, on many desktop systems, USB backup drives become very common,
even eSATA backup solutions. I try to use those convenienc things eithe
in lab or at home on my private machine. Mounting the file system is
done via amd() and automatically as the file system gets accessed via
its link point.

Oliver
_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"

Relevant Pages

  • SUMMARY: how do I REALLY delete a file?
    ... leaving the rest of the file system intact. ... Wipedrive doesn't seem to be available for Solaris, but might be of interest to ... run this on each filesystem where the files from ... >Solaris' UFS] do not satisfy this assumption." ...
    (SunManagers)
  • Re: [PATCH 3/3, try #2] Blackfin: documents and maintainer patch
    ... This file contains the simple DMA Implementation for Blackfin ... +Please follow the steps to form the EXT3 File system and mount the same as root ... +There are only a few steps required to lock your code into the cache. ... - Requirements for mounting the root file system. ...
    (Linux-Kernel)
  • Re: ZFS kernel panic
    ... Return an I/O error on this cache flush. ... If UFS remembers I/O errors, ... I thought that when file system itself flushes the ...
    (freebsd-current)
  • New in FC5 since a few days - some questions about Gnome
    ... clicking the "Computer" icon, despite they are correctly declared into ... the fstab; though they can be accessed via nautilus navigating through ... the file system, ... I've been reading the Gnome 2.14 Guide and found nothing about it. ...
    (Fedora)
  • Re: New in FC5 since a few days - some questions about Gnome
    ... clicking the "Computer" icon, despite they are correctly declared into ... the fstab; though they can be accessed via nautilus navigating through ... the file system, ... I've been reading the Gnome 2.14 Guide and found nothing about it. ...
    (Fedora)