Date: Sun, 14 Jan 2007 10:15:15 -0500
From: Bill Moran <wmoran@collaborativefusion.com>
To: "Kobajashi Zaghi" <kobajashi@gmail.com>
Cc: freebsd-security@freebsd.org
Subject: Re: MOAB advisories
Message-ID: <20070114101515.adaecd4e.wmoran@collaborativefusion.com>
In-Reply-To: <64b272cb0701140319y4e86d969ld4532cfa2408cc8f@mail.gmail.com>
References: <64b272cb0701140319y4e86d969ld4532cfa2408cc8f@mail.gmail.com>

"Kobajashi Zaghi" <kobajashi@gmail.com> wrote:
>
> I would like to know, that these following "vulnerabilities" does
> affect FreeBSD's reliability? If the answer is "yes", what version of
> FreeBSD affected, when will be fixed, etc.
>
> http://projects.info-pull.com/moab/MOAB-12-01-2007.html
> http://projects.info-pull.com/moab/MOAB-10-01-2007.html

These folks are establishing themselves as careless, alarmist, and
uneducated when it comes to kernel bugs.

In FreeBSD, the above mentioned flaws can, indeed, cause a kernel panic.
However, this is intended behaviour when a corrupt filesystem is
encountered. It protects the system from serious damage that could
result from trying to work with the corrupt filesystem.

The difference, that the info-pull folks seem to be too stupid to
understand, is that FreeBSD does not allow mounting of filesystems by
anyone other than root. If someone with root access wants to DoS your
system, they don't need any flaws, they could just rm -rf /, or other
nasty actions.

Apple made the mistake of making a function that was designed to be
usable by an administrator only accessible to the average user. Doing
this requires that lots and lots of code be investigated and updated.
Places where it makes sense to intentionally call panic() in FreeBSD
require less drastic and considerably more complex action in Mac OS.
Apparently, Apple didn't review this carefully enough.

The thing that amazes me is that the info-pull folks are smart enough
to uncover these issues, but too stupid to accurately report them and
their consequences.

-Bill