From owner-freebsd-stable@FreeBSD.ORG Sat Nov 25 16:07:38 2006 Return-Path: X-Original-To: freebsd-stable@freebsd.org Delivered-To: freebsd-stable@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [69.147.83.52]) by hub.freebsd.org (Postfix) with ESMTP id 2336E16A492 for ; Sat, 25 Nov 2006 16:07:38 +0000 (UTC) (envelope-from scottl@samsco.org) Received: from pooker.samsco.org (pooker.samsco.org [168.103.85.57]) by mx1.FreeBSD.org (Postfix) with ESMTP id 1E47043D5C for ; Sat, 25 Nov 2006 16:06:36 +0000 (GMT) (envelope-from scottl@samsco.org) Received: from [192.168.254.11] (phobos.samsco.home [192.168.254.11]) (authenticated bits=0) by pooker.samsco.org (8.13.4/8.13.4) with ESMTP id kAPG6bbS016954; Sat, 25 Nov 2006 09:06:43 -0700 (MST) (envelope-from scottl@samsco.org) Message-ID: <45686A0C.9060300@samsco.org> Date: Sat, 25 Nov 2006 09:06:36 -0700 From: Scott Long User-Agent: Mozilla/5.0 (Macintosh; U; Intel Mac OS X; en-US; rv:1.8.0.7) Gecko/20060910 SeaMonkey/1.0.5 MIME-Version: 1.0 To: "O. Hartmann" References: <20061125013802.20B6E45054@ptavv.es.net> <45679F01.90708@samsco.org> <45683511.6030400@mail.zedat.fu-berlin.de> In-Reply-To: <45683511.6030400@mail.zedat.fu-berlin.de> Content-Type: text/plain; charset=ISO-8859-1; format=flowed Content-Transfer-Encoding: 7bit X-Spam-Status: No, score=-1.4 required=3.8 tests=ALL_TRUSTED autolearn=failed version=3.1.1 X-Spam-Checker-Version: SpamAssassin 3.1.1 (2006-03-10) on pooker.samsco.org Cc: David Malone , FreeBSD Stable , "O. Hartmann" Subject: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679 X-BeenThere: freebsd-stable@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: Production branch of FreeBSD source code List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Sat, 25 Nov 2006 16:07:38 -0000 O. Hartmann wrote: > Scott Long wrote: >> Kevin Oberman wrote: >>>> Date: Fri, 24 Nov 2006 15:58:39 -0700 >>>> From: Scott Long >>>> Sender: owner-freebsd-stable@freebsd.org >>>> >>>> David Malone wrote: >>>> >>>>>> These two bugs are shown for FreeBSD only and I guess, Solaris and >>>>>> other BSDs still use UFS. Are they more robust against this >>>>>> exploit or type of exploit? >>>>> I don't know of a concerted effort by anyone to improve UFS in this >>>>> way. I would guess that the odd bug would have been resolved, but >>>>> no large scale work. >>>>> >>>>> David. >>>> Another thing to keep in mind is that filesystem mounting is only >>>> available to the super-user. If a feature came along such as >>>> automatically mounting USB drives, these bugs would indeed be critical. >>>> But for now, they are not. >>> Not on the base system, but Gnome 2.16 with hald running will mount a >>> removable device automatically. The standard configuration of Gnome runs >>> hald. Allowing user mounts of removable media is even formalized by the >>> addition of /media to hier(7). I'm not sure this should simply be >>> treated as not being significant. >> Would it be possible to restrict Gnome to only auto-mounting msdos and >> cd9660 filesystems? >> >> Scott >> >> _______________________________________________ >> freebsd-stable@freebsd.org mailing list >> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >> To unsubscribe, send any mail to "freebsd-stable-unsubscribe@freebsd.org" > Sorry, if my question may sound heretic, but wouldn't it be more > sophisticated solving the problem instead of disabling everything what > could trigger the bug? Yup. Who do you have in mind to do it? Scott