From: Pieter de Goeje
To: "O. Hartmann"
Cc: freebsd-stable@freebsd.org
Date: Sat, 25 Nov 2006 15:17:47 +0100
Subject: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679

On Saturday 25 November 2006 13:20, O. Hartmann wrote:
> Sorry, if my question may sound heretical, but wouldn't it be more
> sophisticated solving the problem instead of disabling everything that
> could trigger the bug?
>
> Look, on many desktop systems, USB backup drives become very common,
> even eSATA backup solutions. I try to use those convenient things either
> in lab or at home on my private machine. Mounting the file system is
> done via amd() and automatically as the file system gets accessed via
> its link point.

Accessing external (and possibly hostile) media should not be done in kernel, because 1) the system may panic and 2) the system may be compromised. When the storage driver runs in usermode and has only the user's privileges, we have much better security by design. AFAIK fuse (http://fuse4bsd.creo.hu) is an attempt to implement this.

Regards,
Pieter de Goeje