Date: Wed, 3 Jul 2019 10:08:05 -0400 From: Mark Johnston <markj@freebsd.org> To: "Ronald F. Guilmette" <rfg@tristatelogic.com> Cc: freebsd-security@freebsd.org Subject: Re: FreeBSD Security Advisory FreeBSD-SA-19:11.cd_ioctl Message-ID: <20190703140805.GC83276@raichu> In-Reply-To: <12532.1562118926@segfault.tristatelogic.com> References: <20190703004928.576CA1A7DE@freefall.freebsd.org> <12532.1562118926@segfault.tristatelogic.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Jul 02, 2019 at 06:55:26PM -0700, Ronald F. Guilmette wrote: > In message <20190703004928.576CA1A7DE@freefall.freebsd.org>, > freebsd-security@freebsd.org wrote: > > >Topic: Privilege escalation in cd(4) driver > >... > >devfs.conf(5) and devfs.rules(5) can be used to remove read permissions from > >cd(4) devices. > > Would it be accurate to say that another possible workaround would be to > simply remove the optical drive from the system(s) entirely? That's correct. Note though that the problem can only be triggered when some media is present in the drive in the first place. > (I dunno about anybody else, but I personally don't even hardly use the > bloody things anymore anyway.)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20190703140805.GC83276>