From: Bill Moran
To: Alexander Leidinger
Cc: Kobajashi Zaghi, freebsd-security@freebsd.org
Date: Sun, 14 Jan 2007 11:06:36 -0500
Subject: Re: MOAB advisories

Alexander Leidinger wrote:
>
> Quoting Bill Moran (Sun, 14 Jan 2007 10:15:15 -0500):
>
> > "Kobajashi Zaghi" wrote:
> > >
> > > I would like to know, that these following "vulnerabilities" does
> > > affect FreeBSD's reliability? If the answer is "yes", what version of
> > > FreeBSD affected, when will be fixed, etc.
> > >
> > > http://projects.info-pull.com/moab/MOAB-12-01-2007.html
> > > http://projects.info-pull.com/moab/MOAB-10-01-2007.html
> >
> > These folks are establishing themselves as careless, alarmist, and
> > uneducated when it comes to kernel bugs.
> >
> > In FreeBSD, the above mentioned flaws can, indeed, cause a kernel panic.
> > However, this is intended behaviour when a corrupt filesystem is
> > encountered. It protects the system from serious damage that could
> > result from trying to work with the corrupt filesystem.
> >
> > The difference, that the info-pull folks seem to be too stupid to
> > understand, is that FreeBSD does not allow mounting of filesystems
> > by anyone other than root.
>
> Except root did set the sysctl to allow this, or started a HAL daemon
> which mounts stuff for the desktop user, or uses amd to mount stuff.

All decisions made by root. It's always possible, on any system, for an
administrative user to set up a configuration that is insecure or unsafe,
that doesn't mean that it's a flaw in the system.

Quite the contrary, any system that attempts to limit an administrator's
power to keep things secure becomes inflexible, and nearly useless.

-Bill