UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679

Pieter de Goeje pieter at degoeje.nl
Sat Nov 25 06:17:57 PST 2006

On Saturday 25 November 2006 13:20, O. Hartmann wrote:
> Sorry, if my question may sound heretic, but wouldn't it be more
> sophisticated solving the problem instead of disabling everything what
> could trigger the bug?
> Look, on many desktop systems, USB backup drives become very common,
> even eSATA backup solutions. I try to use those convenienc things eithe
> in lab or at home on my private machine. Mounting the file system is
> done via amd() and automatically as the file system gets accessed via
> its link point.
Accessing external (and possibly hostile) media should not be done in kernel, 
because 1) the system may panic and 2) the system may be compromised. When 
the storage driver runs in usermode and has only the user's privileges, we 
have much better security by design.
AFAIK fuse (http://fuse4bsd.creo.hu) is an attempt to implement this.

Pieter de Goeje

More information about the freebsd-stable mailing list