Date: Sat, 25 Nov 2006 17:30:49 +0100 From: "O. Hartmann" <ohartman@mail.zedat.fu-berlin.de> To: Scott Long <scottl@samsco.org> Cc: David Malone <dwmalone@maths.tcd.ie>, "O. Hartmann" <ohartman@zedat.fu-berlin.de>, FreeBSD Stable <freebsd-stable@freebsd.org> Subject: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679 Message-ID: <45686FB9.7090608@mail.zedat.fu-berlin.de> In-Reply-To: <45686A0C.9060300@samsco.org> References: <20061125013802.20B6E45054@ptavv.es.net> <45679F01.90708@samsco.org> <45683511.6030400@mail.zedat.fu-berlin.de> <45686A0C.9060300@samsco.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Scott Long wrote: > O. Hartmann wrote: >> Scott Long wrote: >>> Kevin Oberman wrote: >>>>> Date: Fri, 24 Nov 2006 15:58:39 -0700 >>>>> From: Scott Long <scottl@samsco.org> >>>>> Sender: owner-freebsd-stable@freebsd.org >>>>> >>>>> David Malone wrote: >>>>> >>>>>>> These two bugs are shown for FreeBSD only and I guess, Solaris and >>>>>>> other BSDs still use UFS. Are they more robust against this >>>>>>> exploit or type of exploit? >>>>>> I don't know of a concerted effort by anyone to improve UFS in this >>>>>> way. I would guess that the odd bug would have been resolved, but >>>>>> no large scale work. >>>>>> >>>>>> David. >>>>> Another thing to keep in mind is that filesystem mounting is only >>>>> available to the super-user. If a feature came along such as >>>>> automatically mounting USB drives, these bugs would indeed be >>>>> critical. >>>>> But for now, they are not. >>>> Not on the base system, but Gnome 2.16 with hald running will mount a >>>> removable device automatically. The standard configuration of Gnome >>>> runs >>>> hald. Allowing user mounts of removable media is even formalized by >>>> the >>>> addition of /media to hier(7). I'm not sure this should simply be >>>> treated as not being significant. >>> Would it be possible to restrict Gnome to only auto-mounting msdos and >>> cd9660 filesystems? >>> >>> Scott >>> >>> _______________________________________________ >>> freebsd-stable@freebsd.org mailing list >>> http://lists.freebsd.org/mailman/listinfo/freebsd-stable >>> To unsubscribe, send any mail to >>> "freebsd-stable-unsubscribe@freebsd.org" >> Sorry, if my question may sound heretic, but wouldn't it be more >> sophisticated solving the problem instead of disabling everything what >> could trigger the bug? > > Yup. Who do you have in mind to do it? > > Scott Well, this is a good question :-( I would like to do it if the following prerequisites would be applicable: I'm familiar with OS development (no) I'm familiar with C, very close to driver layer and UFS (no) I'm willing to work for a OpenSource project (yes, of course, I use FreeBSD in scientific environment now for more than 10 years) On the other hand, Scott, where are all the Kernel developer has been gone to? Oliver
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?45686FB9.7090608>