Quoting Adam Borowski (kilob...@angband.pl):

> Then there are local exploits. Ted Ts'o for example keeps fuzzing ext4 for
> years yet exploitable bugs still pop up frequently -- usually just DoS but
> arbitrary code execution isn't unheard of.

I've read a lot of e2fsprogs CVEs, and cannot recall any ever having been _proved exploitable_ to allow arbitrary code execution. In a number of cases, there have been bugs, generally buffer overflows, that in theory could _possibly_ lead to arbitrary code execution that in theory might exploit privileged code such as e2fsprogs mount code, thus in theory possibly supporting privilege escalation.

Where I'm pretty sure you are massively exaggerating is by eliding the necessary qualifiers 'in theory' and 'possibly' and claiming observed paths to arbitrary code execution (leveraging privileged routines).

There is a gaping hole between 'buffer overflow that someone might eventually figure out how to do bad things with' and 'arbitrary code execution'. If we're going to have realistic discussions of security on Dng, it would help to forego 'Bad things are possible, ergo doomsday just happened' rhetoric.

Concur that USB is a security Typhoid Mary. I would dearly love to see hardware devices enforcing USB class identities on connected devices, so that, say, a USB key drive can claim all it wants to be a USB HID-class device rather than UMS-class, but isn't believed. Short of that, I'm just really careful what hardware I permit. Attacks relying on USB devices masquerading as a different class come up fairly often on Schneier's blog, e.g., https://www.schneier.com/blog/archives/2011/06/yet_another_peo.html

-- 
Cheers,
Rick Moen
r...@linuxmafia.com
McQ! (4x80)

"I am a member of a civilization (IAAMOAC). Step back from anger. Study how awful our ancestors had it, yet they struggled to get you here. Repay them by appreciating the civilization you inherited." -- David Brin