UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679

Kevin Oberman oberman at es.net
Fri Nov 24 17:38:03 PST 2006

> Date: Fri, 24 Nov 2006 15:58:39 -0700
> From: Scott Long <scottl at samsco.org>
> Sender: owner-freebsd-stable at freebsd.org
> David Malone wrote:
> >>These two bugs are shown for FreeBSD only and I guess, Solaris and other 
> >>BSDs  still use UFS. Are they more robust against this exploit or type 
> >>of exploit?
> > 
> > 
> > I don't know of a concerted effort by anyone to improve UFS in this
> > way. I would guess that the odd bug would have been resolved, but
> > no large scale work.
> > 
> > 	David.
> Another thing to keep in mind is that filesystem mounting is only 
> available to the super-user.  If a feature came along such as 
> automatically mounting USB drives, these bugs would indeed be critical.
> But for now, they are not.

Not on the base system, but Gnome 2.16 with hald running will mount a
removable device automatically. The standard configuration of Gnome runs
hald. Allowing user mounts of removable media is even formalized by the
addition of /media to hier(7). I'm not sure this should simply be
treated as not being significant.
R. Kevin Oberman, Network Engineer
Energy Sciences Network (ESnet)
Ernest O. Lawrence Berkeley National Laboratory (Berkeley Lab)
E-mail: oberman at es.net			Phone: +1 510 486-8634
Key fingerprint:059B 2DDF 031C 9BA3 14A4  EADA 927D EBB3 987B 3751
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 224 bytes
Desc: not available
Url : http://lists.freebsd.org/pipermail/freebsd-stable/attachments/20061125/8ab07211/attachment.pgp

More information about the freebsd-stable mailing list