Date: Sat, 24 Feb 2024 21:40:13 +0100 From: Miroslav Lachman <000.fbsd@quip.cz> To: stable@freebsd.org Subject: Re: gpart device permissions security hole (/dev/geom.ctl) Message-ID: <4de9c605-c93d-4286-a402-0bc52e9d62ff@quip.cz> In-Reply-To: <ZdpK6ltoUgnTSmba@marble.hightek.org> References: <ZdE2Hm6y5Fel2etP@marble.hightek.org> <slrnutei1n.1ebh.pmc@disp.intra.daemon.contact> <Zde7TAehUyMvDQ5F@marble.hightek.org> <2421f1a5-d924-4912-abff-e000e41f5459@quip.cz> <ZdpK6ltoUgnTSmba@marble.hightek.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 24/02/2024 21:00, Vincent Stemen wrote: > On Sat, Feb 24, 2024 at 04:40:00PM +0100, Miroslav Lachman wrote: >> I agree with this security problem. Just a small note - there are >> backups of partitions (/var/backups/gpart.*) created by periodic script >> /etc/periodic/daily/221.backup-gpart (if you have >> daily_backup_gpart_enable="YES" in your /etc/periodic.conf or in a >> /etc/defaults/periodic.conf which is the default). That way you can get >> back the number plate on you house in some cases. > > Thanks. That's good to know. I was not aware of those features of > periodic. Almost nobody knows. There are 3 scripts to backup disk information: 221.backup-gpart 222.backup-gmirror 223.backup-zfs They are "newly" in base but was in some PR for many years. I'm the co-author. With these 3 periodic scripts I think more than 95% users can recover / restore disk layout. Some corner cases with different GEOM classes are not covered, but usual gmirror + UFS, or ZFS should be covered. Kind regards Miroslav Lachman
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?4de9c605-c93d-4286-a402-0bc52e9d62ff>