From owner-svn-src-head@freebsd.org  Tue Apr 26 21:17:33 2016
Return-Path: <owner-svn-src-head@freebsd.org>
Delivered-To: svn-src-head@mailman.ysv.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org
 [IPv6:2001:1900:2254:206a::19:1])
 by mailman.ysv.freebsd.org (Postfix) with ESMTP id 91625B1D737;
 Tue, 26 Apr 2016 21:17:33 +0000 (UTC)
 (envelope-from cse.cem@gmail.com)
Received: from mail-oi0-f65.google.com (mail-oi0-f65.google.com
 [209.85.218.65])
 (using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
 (Client CN "smtp.gmail.com",
 Issuer "Google Internet Authority G2" (verified OK))
 by mx1.freebsd.org (Postfix) with ESMTPS id 4C06A1119;
 Tue, 26 Apr 2016 21:17:32 +0000 (UTC)
 (envelope-from cse.cem@gmail.com)
Received: by mail-oi0-f65.google.com with SMTP id f63so3753013oig.0;
 Tue, 26 Apr 2016 14:17:32 -0700 (PDT)
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20130820;
 h=x-gm-message-state:mime-version:reply-to:in-reply-to:references
 :date:message-id:subject:from:to:cc;
 bh=gIc7bilYO/w0gg0Fj9FCuaKuYqUh7mAv+quEWJXgN+8=;
 b=UqoUU6Qqy/Dp0PfvYa+v8ESVAMXKq546wExmW6TxDQV4aRjY7+6vaqaj0BF1wnzZ0R
 9Q/hjKB6SvHWnct32VGOELkJ+VZMp47jzHGkoywllnd/184N0ogTe21a08xqYZGbUeG4
 sItxfKvvLecjov0Du4l4pXl425i13zPfNnHuKApCY+afAYRrSJnntSiTAviXt+12/z2t
 88Nhc2dnrkaOKgLkD3ir/Wx6nL89Pqz+yWwoB53IeNoemjK5u0GdVsmULUyc0AdAEeHS
 9sCVUInR2gRt5KEugCWCrZkkCXumc2ObItpCTTKF4eIW02mM6l+4x9k4axhjEEM19k5O
 9xag==
X-Gm-Message-State: AOPr4FV4rEwR92A3vHYyr8wJWf4ZHNBbJ9RaMHGGaBPo7hGtkqk31CQa4hR+Pj7oIKgCiQ==
X-Received: by 10.157.9.147 with SMTP id q19mr2117721otd.52.1461705452001;
 Tue, 26 Apr 2016 14:17:32 -0700 (PDT)
Received: from mail-oi0-f43.google.com (mail-oi0-f43.google.com.
 [209.85.218.43])
 by smtp.gmail.com with ESMTPSA id zi6sm293728oeb.11.2016.04.26.14.17.31
 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128);
 Tue, 26 Apr 2016 14:17:31 -0700 (PDT)
Received: by mail-oi0-f43.google.com with SMTP id x19so29203977oix.2;
 Tue, 26 Apr 2016 14:17:31 -0700 (PDT)
MIME-Version: 1.0
X-Received: by 10.202.215.86 with SMTP id o83mr1800381oig.55.1461705451429;
 Tue, 26 Apr 2016 14:17:31 -0700 (PDT)
Reply-To: cem@FreeBSD.org
Received: by 10.157.6.111 with HTTP; Tue, 26 Apr 2016 14:17:31 -0700 (PDT)
In-Reply-To: <CAJ-Vmo=42xj-G5hcV6ZHcr=BdnyV-R2y1HDbpJ3gmxyyMBdg4Q@mail.gmail.com>
References: <201604262036.u3QKaWto038435@repo.freebsd.org>
 <20160426210138.GA13055@mutt-hardenedbsd>
 <CAG6CVpUxSrBZJ9GkpBrHCK12c+eWmP+nuQaoiKcN++kTuvm2dA@mail.gmail.com>
 <CAJ-Vmo=42xj-G5hcV6ZHcr=BdnyV-R2y1HDbpJ3gmxyyMBdg4Q@mail.gmail.com>
Date: Tue, 26 Apr 2016 14:17:31 -0700
X-Gmail-Original-Message-ID: <CAG6CVpVfOvV6z3WD3USN3W+t7DYw3usB36QLNfTpo4RxoaSRcA@mail.gmail.com>
Message-ID: <CAG6CVpVfOvV6z3WD3USN3W+t7DYw3usB36QLNfTpo4RxoaSRcA@mail.gmail.com>
Subject: Re: svn commit: r298664 - head/sys/fs/msdosfs
From: Conrad Meyer <cem@FreeBSD.org>
To: Adrian Chadd <adrian.chadd@gmail.com>
Cc: Shawn Webb <shawn.webb@hardenedbsd.org>, Kristof Provost <kp@freebsd.org>, 
 "src-committers@freebsd.org" <src-committers@freebsd.org>, 
 "svn-src-all@freebsd.org" <svn-src-all@freebsd.org>, 
 "svn-src-head@freebsd.org" <svn-src-head@freebsd.org>
Content-Type: text/plain; charset=UTF-8
X-BeenThere: svn-src-head@freebsd.org
X-Mailman-Version: 2.1.21
Precedence: list
List-Id: SVN commit messages for the src tree for head/-current
 <svn-src-head.freebsd.org>
List-Unsubscribe: <https://lists.freebsd.org/mailman/options/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/svn-src-head/>
List-Post: <mailto:svn-src-head@freebsd.org>
List-Help: <mailto:svn-src-head-request@freebsd.org?subject=help>
List-Subscribe: <https://lists.freebsd.org/mailman/listinfo/svn-src-head>,
 <mailto:svn-src-head-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Tue, 26 Apr 2016 21:17:33 -0000

On Tue, Apr 26, 2016 at 2:13 PM, Adrian Chadd <adrian.chadd@gmail.com> wrote:
> You mean "hotplug mount a malicious USB disk via some installed
> graphical enviornment?"
>
> NOone does that... :)

Sure, but there the vulnerability is (IMO) that users are allowed to
arbitrarily mount stuff.  That's a huge attack surface and this fix
only scratches the surface.

We do need to make filesystems more resilient to malice.  AFL?

Best,
Conrad