Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679

From: Robert Watson <rwatson@xxxxxxxxxxx>
Date: Sun, 26 Nov 2006 14:49:33 +0000 (GMT)

On Fri, 24 Nov 2006, Kevin Oberman wrote:

I don't know of a concerted effort by anyone to improve UFS in this way. I would guess that the odd bug would have been resolved, but no large scale work.

Another thing to keep in mind is that filesystem mounting is only available to the super-user. If a feature came along such as automatically mounting USB drives, these bugs would indeed be critical. But for now, they are not.

Not on the base system, but Gnome 2.16 with hald running will mount a removable device automatically. The standard configuration of Gnome runs hald. Allowing user mounts of removable media is even formalized by the addition of /media to hier(7). I'm not sure this should simply be treated as not being significant.

At least for now, "untrusted" UFS file systems should not be mounted without first performing a file system check on them. I'd like to see resilience improved so that we're not dealing with panic scenarios on a heavily corrupted UFS, but it's fairly well documented that we consider file systems to be in one of three states: clean, in which case they are by definition not corrupt, requiring a bgfsck (i.e., garbage collection following a fail stop with soft updates enabled), or dirty (requiring a full fsck before mount).

I think a better target for resilience improvements is actually msdosfs, since users are far more likely to want to deal with potentially currupted FAT file systems from USB devices than UFS file systems from arbitrary sources. And, unlike UFS, it's fairly likely someone with only moderate VFS/VM background could do the basics of this work, with an immediate practical benefit.

Robert N M Watson
Computer Laboratory
University of Cambridge
_______________________________________________
freebsd-stable@xxxxxxxxxxx mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-stable
To unsubscribe, send any mail to "freebsd-stable-unsubscribe@xxxxxxxxxxx"

References:
- Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679
  - From: Kevin Oberman

Prev by Date: Re: freebsd-update to track release engineering
Next by Date: [msdosfs] [patch] msdosfs incorrectly handles NT 8.3 capitalization
Previous by thread: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679
Next by thread: php in free(): error: junk pointer, too high to make sense
Index(es):
- Date
- Thread

Relevant Pages

SUMMARY: strange df result
... Using the UFS noatime and logging Mount Options Can Result in File System Corruption ... If the UFS noatime and logging mount options are used together, the file system can become corrupted because an inode is not being written. ... Edit /etc/vfstab to remove the noatime option from all file systems that use the logging option. ...
(SunManagers)
Re: rc.conf.local error nn7j
... And then just "mount" to see if your file systems were ... /dev/ad0s1e on /usr (ufs, local, soft-updates) ...
(freebsd-questions)
UFS extended attributes
... Started doing a little reading on the UFS and UFS2 ... file systems. ... named pipes, sockets, and device files? ...
(freebsd-hackers)
UFS extended attributes
... Started doing a little reading on the UFS and UFS2 ... file systems. ... named pipes, sockets, and device files? ...
(freebsd-questions)