Re: [oss-security] Physical access vulnerabilities and auto-mounting

From: Timo Warns <warns_at_nospam>
Date: Wed Feb 23 2011 - 13:15:52 GMT
To: oss-security@lists.openwall.com

Am 23.02.2011 12:07, schrieb Steve Grubb:
> On Wednesday, February 23, 2011 12:11:56 am Eugene Teo wrote:
>> On 02/23/2011 12:17 PM, Dan Rosenberg wrote:
>>> Should auto-mounting be disabled entirely?
>
> You should be able to turn it off. You can also block the loading of any kernel modules
> for file systems that you know you don't want to load.

To a certain extent, this is what makes the recent issues in partition
handling special: The current kernels do not allow to turn off the
evaluation of partition tables.
(However, some patches allow to do so:
https://patchwork.kernel.org/patch/47067/)

Best regards, Timo

-- Dr. Timo Warns warns@pre-sense.de Tel. +49 - 40 - 244 2407 - 16 Fax +49 - 40 - 244 2407 - 24 PRESENSE Technologies GmbH Sachsenstr. 5, D-20097 HH USt-IdNr.: DE263765024 Geschäftsführer/Managing Directors AG Hamburg, HRB 107844 Till Dörges Jürgen Sander Axel Theilmann

This message: [ Message body ]
Next message: Hanno Böck: "[oss-security] CVE request: pmwiki before 2.2.21"
Previous message: Timo Warns: "[oss-security] CVE request: kernel: fs/partitions: Kernel heap overflow via corrupted LDM partition tables"
In reply to: Steve Grubb: "Re: [oss-security] Physical access vulnerabilities and auto-mounting"
Next in thread: Steven M. Christey: "Re: [oss-security] Physical access vulnerabilities and auto-mounting"

Contemporary messages sorted: [ By Date ] [ By Thread ] [ By Subject ] [ By Author ]