oss-security February 2011 archive
Main Archive Page > Month Archives  > oss-security archives
oss-security: Re: [oss-security] Physical access vulnerabilities

Re: [oss-security] Physical access vulnerabilities and auto-mounting

From: Timo Warns <warns_at_nospam>
Date: Wed Feb 23 2011 - 13:15:52 GMT
To: oss-security@lists.openwall.com

Am 23.02.2011 12:07, schrieb Steve Grubb:
> On Wednesday, February 23, 2011 12:11:56 am Eugene Teo wrote:
>> On 02/23/2011 12:17 PM, Dan Rosenberg wrote:
>>> Should auto-mounting be disabled entirely?
>
> You should be able to turn it off. You can also block the loading of any kernel modules
> for file systems that you know you don't want to load.

To a certain extent, this is what makes the recent issues in partition
handling special: The current kernels do not allow to turn off the
evaluation of partition tables.
(However, some patches allow to do so:
https://patchwork.kernel.org/patch/47067/)

Best regards, Timo

-- Dr. Timo Warns warns@pre-sense.de Tel. +49 - 40 - 244 2407 - 16 Fax +49 - 40 - 244 2407 - 24 PRESENSE Technologies GmbH Sachsenstr. 5, D-20097 HH USt-IdNr.: DE263765024 Geschäftsführer/Managing Directors AG Hamburg, HRB 107844 Till Dörges Jürgen Sander Axel Theilmann