[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-security
Subject:    Re: freebsd-security Digest, Vol 187, Issue 4
From:       Alexander Leidinger <Alexander () Leidinger ! net>
Date:       2006-11-28 16:38:17
Message-ID: 20061128173817.r4bbex3h7kkg4ok8 () webmail ! leidinger ! net
[Download RAW message or body]

Quoting Michael Richards <michael@fastmail.ca> (from Mon, 27 Nov 2006  
16:07:56 +0000 (UTC)):

>> [It's just a panic]
>> I was so transfixed on Josh stating that the attacker could as well
>> just mount a filesystem with suid root binaries and how that would be
>> more useful than a buffer overflow in the filesystem driver. I totally
>> missed the fact that we were talking about two bugs where the kernel
>> deliberately called panic() ;).
>>
>> So in this case I'd agree that the panic() is undesirable, but not
>> really a security issue.
>
> In the past we have considered remote DOS type attacks to be a security
> issue. In this case people discount it saying if the user has physical
> access then it's game over anyway. Althought not as serious as privilege

As you said, this is not a remote attack. A local DOS is not nice and  
should be fixed if feasible, but is not something we typically give as  
high a priority as major security problems.

> escalation bugs I would have to say that mounting a user's USB drive
> shouldn't allow the system to crash. How about something to force a fsck
> before allowing the mount? Would that always catch it?

Maybe you fail to see how large the problem is: no filesystem we have  
so far has enough protections for this kind of problems. Doing a fsck  
may be a solution for a lot of possible problems in such a case, but
  - you don't want to force a fsck of a multi-GB USB harddisk, the
    user will run away to another OS until it is finished
  - you shift the problem to a FS where we don't have a fsck for
    (FAT comes to mind)

Bye,
Alexander.

-- 
Love -- the last of the serious diseases of childhood.

http://www.Leidinger.net    Alexander @ Leidinger.net: PGP ID = B0063FE7
http://www.FreeBSD.org       netchild @ FreeBSD.org  : PGP ID = 72077137
_______________________________________________
freebsd-security@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "freebsd-security-unsubscribe@freebsd.org"

[prev in list] [next in list] [prev in thread] [next in thread]

Configure | About | News | Add a list | Sponsored by KoreLogic