On 04/26/16 16:17, Conrad Meyer wrote:
On Tue, Apr 26, 2016 at 2:13 PM, Adrian Chadd <adrian.ch...@gmail.com> wrote:
You mean "hotplug mount a malicious USB disk via some installed
graphical enviornment?"
NOone does that... :)
Sure, but there the vulnerability is (IMO) that users are allowed to
arbitrarily mount stuff. That's a huge attack surface and this fix
only scratches the surface.
This is a plain bug, it may be nasty but not really a security
vulnerability.
If you give physical access to your system to an attacker you
probably have bigger problems than this.
We do need to make filesystems more resilient to malice. AFL?
That is a good idea.
For reference:
https://lwn.net/Articles/637151/
Cheers,
Pedro.
_______________________________________________
svn-src-all@freebsd.org mailing list
https://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"
