From: Kris Kennaway
To: "O. Hartmann"
Cc: David Malone, "O. Hartmann", FreeBSD Stable
Date: Sun, 26 Nov 2006 03:05:17 -0500
Subject: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679
Message-ID: <20061126080517.GB48708@xor.obsecurity.org>

On Sat, Nov 25, 2006 at 01:20:33PM +0100, O.
Hartmann wrote:
> Scott Long wrote:
> > Kevin Oberman wrote:
> >>> Date: Fri, 24 Nov 2006 15:58:39 -0700
> >>> From: Scott Long
> >>> Sender: owner-freebsd-stable@freebsd.org
> >>>
> >>> David Malone wrote:
> >>>
> >>>>> These two bugs are shown for FreeBSD only and I guess, Solaris and
> >>>>> other BSDs still use UFS. Are they more robust against this
> >>>>> exploit or type of exploit?
> >>>>
> >>>> I don't know of a concerted effort by anyone to improve UFS in this
> >>>> way. I would guess that the odd bug would have been resolved, but
> >>>> no large scale work.
> >>>>
> >>>> David.
> >>> Another thing to keep in mind is that filesystem mounting is only
> >>> available to the super-user. If a feature came along such as
> >>> automatically mounting USB drives, these bugs would indeed be critical.
> >>> But for now, they are not.
> >>
> >> Not on the base system, but Gnome 2.16 with hald running will mount a
> >> removable device automatically. The standard configuration of Gnome runs
> >> hald. Allowing user mounts of removable media is even formalized by the
> >> addition of /media to hier(7). I'm not sure this should simply be
> >> treated as not being significant.
> >
> > Would it be possible to restrict Gnome to only auto-mounting msdos and
> > cd9660 filesystems?
> >
> > Scott
> Sorry, if my question may sound heretic, but wouldn't it be more
> sophisticated solving the problem instead of disabling everything what
> could trigger the bug?

It's been explained to you why "solving the problem" (i.e. adapting
UFS so that no combination of corrupted filesystem data can cause a
panic) is, in all practical senses, probably impossible.
To recap, it would require fundamentally redesigning the UFS code to
perform input validation before using any on-disk data, and adding
some kind of backout and recovery strategies for when bad data is
detected. Apart from the significant additional complexity, this may
have an unacceptable runtime performance penalty.

I hope the status of this issue is clear now.

Kris
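
What "input validation before using any on-disk data" looks like for a single structure, as an added example that is not part of the message above and is not FreeBSD code. `struct toy_sb`, `TOY_MAGIC`, the size limits and `toy_sb_validate` are hypothetical, a simplified stand-in for a superblock rather than UFS's real `struct fs`; the sample values are constructed.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>

#define TOY_MAGIC 0x544f5946u  /* constructed value, not a UFS magic number */

/* Hypothetical, simplified superblock; NOT FreeBSD's struct fs. */
struct toy_sb {
    uint32_t magic, bsize, fsize;  /* magic; block and fragment size in bytes */
    uint32_t ncg, fpg;             /* cylinder groups; fragments per group */
    uint64_t size;                 /* total fragments in the filesystem */
};

static int is_pow2(uint32_t v) { return v != 0 && (v & (v - 1)) == 0; }

/* Return 0 only if every field is safe to use; EINVAL (not a panic) otherwise. */
int toy_sb_validate(const struct toy_sb *sb, uint64_t dev_bytes)
{
    if (sb->magic != TOY_MAGIC)
        return EINVAL;
    if (!is_pow2(sb->bsize) || sb->bsize < 4096 || sb->bsize > 65536)
        return EINVAL;
    /* Rejects fsize == 0 before it is ever used as a divisor. */
    if (!is_pow2(sb->fsize) || sb->fsize < 512 || sb->fsize > sb->bsize)
        return EINVAL;
    if (sb->ncg == 0 || sb->fpg == 0 || sb->bsize / sb->fsize > 8)
        return EINVAL;
    /* Divide rather than multiply so a huge size field cannot overflow. */
    if (sb->size == 0 || sb->size > dev_bytes / sb->fsize)
        return EINVAL;
    /* The groups must cover the filesystem with no empty trailing group. */
    uint64_t cover = (uint64_t)sb->ncg * sb->fpg;
    if (sb->size > cover || sb->size <= cover - sb->fpg)
        return EINVAL;
    return 0;
}

/* Constructed sample: 3500 fragments of 2 KiB in 4 groups of 1000. */
struct toy_sb toy_good_sb(void)
{
    return (struct toy_sb){ TOY_MAGIC, 16384, 2048, 4, 1000, 3500 };
}

int main(void)
{
    struct toy_sb good = toy_good_sb(), bad = good;
    bad.fsize = 0;  /* corrupted field that would otherwise be a divisor */
    printf("good=%d bad=%d\n", toy_sb_validate(&good, 8000000), toy_sb_validate(&bad, 8000000));
    return 0;
}
```

This covers one structure read once at mount time. The redesign described in the message would need the equivalent check, plus a recovery path, for every piece of on-disk data the filesystem code reads.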