UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679
Kevin Oberman
oberman at es.net
Fri Nov 24 17:54:31 PST 2006
> Date: Fri, 24 Nov 2006 18:40:17 -0700
> From: Scott Long <scottl at samsco.org>
>
> Kevin Oberman wrote:
> >> Date: Fri, 24 Nov 2006 15:58:39 -0700
> >> From: Scott Long <scottl at samsco.org>
> >> Sender: owner-freebsd-stable at freebsd.org
> >>
> >> David Malone wrote:
> >>
> >>>> These two bugs are shown for FreeBSD only and I guess, Solaris and other
> >>>> BSDs still use UFS. Are they more robust against this exploit or type
> >>>> of exploit?
> >>>
> >>> I don't know of a concerted effort by anyone to improve UFS in this
> >>> way. I would guess that the odd bug would have been resolved, but
> >>> no large scale work.
> >>>
> >>> David.
> >> Another thing to keep in mind is that filesystem mounting is only
> >> available to the super-user. If a feature came along such as
> >> automatically mounting USB drives, these bugs would indeed be critical.
> >> But for now, they are not.
> >
> > Not on the base system, but Gnome 2.16 with hald running will mount a
> > removable device automatically. The standard configuration of Gnome runs
> > hald. Allowing user mounts of removable media is even formalized by the
> > addition of /media to hier(7). I'm not sure this should simply be
> > treated as not being significant.
>
> Would it be possible to restrict Gnome to only auto-mounting msdos and
> cd9660 filesystems?

I suspect it is possible, but I'll ask Joe Marcus to answer as he did
most of the FreeBSD hald work.

Joe? This looks like something that needs a bit of thought.
--
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net Phone: +1 510 486-8634
Key fingerprint: 059B 2DDF 031C 9BA3 14A4 EADA 927D EBB3 987B 3751
More information about the freebsd-stable mailing list