Re: 32 bit fix? (Was Re: Meltdown – Spectre)

Daniel Feenberg feenberg at
Wed Jan 10 12:39:53 UTC 2018

On Wed, 10 Jan 2018, Dave B via freebsd-questions wrote:

> Hi Ed.
> Understood.   There's "a lot" of FreeBSD based kit out there, running on
> 32 bit hardware.  A lot of NAS's for one.   (I don’t suppose any of
> those commercial "appliances" will ever be updated though.)

Are NAS's a worry? Wouldn't the typical NAS login have root already? Why 
would anyone other than the system admin have a login on the NAS box at 
all? If the NAS isn't used as a web browser or MUA, how would the malware 
get to be run by an unprivileged user?

I understand that the vulnerability can be demonstrated in Javascript, but 
this would be an attack on the client running with the privileges of the 
web browser. That isn't something that would happen on the typical 
system services appliance such as a NAS box, switch, or router.

daniel feenberg

More information about the freebsd-questions mailing list