Date: Sun, 26 Nov 2006 14:49:33 +0000 (GMT) From: Robert Watson <rwatson@FreeBSD.org> To: Kevin Oberman <oberman@es.net> Cc: David Malone <dwmalone@maths.tcd.ie>, FreeBSD Stable <freebsd-stable@freebsd.org>, "O. Hartmann" <ohartman@zedat.fu-berlin.de> Subject: Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03-11-2006, CVE-2006-5679 Message-ID: <20061126144424.B66361@fledge.watson.org> In-Reply-To: <20061125013802.20B6E45054@ptavv.es.net> References: <20061125013802.20B6E45054@ptavv.es.net>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 24 Nov 2006, Kevin Oberman wrote: >>> I don't know of a concerted effort by anyone to improve UFS in this way. I >>> would guess that the odd bug would have been resolved, but no large scale >>> work. >> >> Another thing to keep in mind is that filesystem mounting is only available >> to the super-user. If a feature came along such as automatically mounting >> USB drives, these bugs would indeed be critical. But for now, they are not. > > Not on the base system, but Gnome 2.16 with hald running will mount a > removable device automatically. The standard configuration of Gnome runs > hald. Allowing user mounts of removable media is even formalized by the > addition of /media to hier(7). I'm not sure this should simply be treated as > not being significant. At least for now, "untrusted" UFS file systems should not be mounted without first performing a file system check on them. I'd like to see resilience improved so that we're not dealing with panic scenarios on a heavily corrupted UFS, but it's fairly well documented that we consider file systems to be in one of three states: clean, in which case they are by definition not corrupt, requiring a bgfsck (i.e., garbage collection following a fail stop with soft updates enabled), or dirty (requiring a full fsck before mount). I think a better target for resilience improvements is actually msdosfs, since users are far more likely to want to deal with potentially currupted FAT file systems from USB devices than UFS file systems from arbitrary sources. And, unlike UFS, it's fairly likely someone with only moderate VFS/VM background could do the basics of this work, with an immediate practical benefit. Robert N M Watson Computer Laboratory University of Cambridge
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20061126144424.B66361>