oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] Physical access vulnerabilities

Re: [oss-security] Physical access vulnerabilities and auto-mounting

From: Michael Tokarev <mjt_at_nospam>
Date: Wed Feb 23 2011 - 07:44:08 GMT
To: oss-security@lists.openwall.com

23.02.2011 08:46, Nelson Elhage wrote:
> I don't have any definite opinions here about where to draw which
> lines, but I want to point out that in addition to physical attack
> vectors, virtualization tools are also potentially affected by these
> kinds of bugs. If you try to mount an untrusted VM's virtual disk
> image from somewhere, you're also vulnerable to that VM triggering
> bugs in the filesystem or other layers.

And that's why projects like http://www.libguestfs.org/ emerges.
FWIW ;)

/mjt