4 Feb
2015
4 Feb
'15
23:55
http://bugzilla.suse.com/show_bug.cgi?id=910500 --- Comment #14 from Neil Brown <nfbrown@suse.com> --- (In reply to Marcus Meissner from comment #12)
Is this USB attack vector valid? Can this really happen on just plugging in a prepared USB stick?
Yes. If you plug in a USB which has been configured as the working device in a degraded RAID1, then udev will run "mdadm -I devicename" and the array will be activated. This is not unlike the way a FAT filesystem will automatically be mounted. Once the array has been assembled, /usr/share/mdadm/mdcheck will (at 1am) find it as a "/dev/md*" and will try to extra the UUID to decide what is to be done. -- You are receiving this mail because: You are on the CC list for the bug.