FreeBSD Security Advisory FreeBSD-SA-19:11.cd_ioctl
Mark Johnston
markj at freebsd.org
Wed Jul 3 14:08:10 UTC 2019
On Tue, Jul 02, 2019 at 06:55:26PM -0700, Ronald F. Guilmette wrote:
> In message <20190703004928.576CA1A7DE at freefall.freebsd.org>,
> freebsd-security at freebsd.org wrote:
>
> >Topic: Privilege escalation in cd(4) driver
> >...
> >devfs.conf(5) and devfs.rules(5) can be used to remove read permissions from
> >cd(4) devices.
>
> Would it be accurate to say that another possible workaround would be to
> simply remove the optical drive from the system(s) entirely?
That's correct. Note though that the problem can only be triggered when
some media is present in the drive in the first place.
> (I dunno about anybody else, but I personally don't even hardly use the
> bloody things anymore anyway.)
More information about the freebsd-security
mailing list