Mailinglist Archive: opensuse-factory (608 mails)

Re: [opensuse-factory] [PLEASE SPEAK UP] Disabling legacy file systems by default?
On 1/30/19 1:59 PM, Andrei Borzenkov wrote:
30.01.2019 19:41, Martin Wilck wrote:
SUSE will blacklist a number of legacy and/or less frequently used
file systems by default on SLES for security reasons.

The proposed list can be seen here:

https://github.com/openSUSE/suse-module-tools/pull/5/commits/8cb42fb6658f210cb8c955d584a65f7b041c0575


# The following list only specifies local file systems since those are the
# only ones that will be detected automatically by mount(8).

This patch not only blocks auto-detected filesystem types, it also makes
mount(8) with an *explicit* fstype fail (also in /etc/fstab) unless the module
implementing this fstype is loaded in advance.


bor@bor-Latitude-E5450:~/src/util-linux$ LC_ALL=C mkfs.cramfs sys-utils/
/tmp/cramfs.loop
mkfs.cramfs: warning: gids truncated to 8 bits. (This may be a security
concern.)
bor@bor-Latitude-E5450:~/src/util-linux$ LC_ALL=C blkid /tmp/cramfs.loop
/tmp/cramfs.loop: LABEL="Compressed" TYPE="cramfs"
bor@bor-Latitude-E5450:~/src/util-linux$ LC_ALL=C sudo mount -o loop
/tmp/cramfs.loop /mnt
mount: /mnt: unknown filesystem type 'cramfs'.
bor@bor-Latitude-E5450:~/src/util-linux$


Is it intentional?

Yes.

Unless mount(8) specifically loads a module, which it doesn't, then the
kernel still needs to request the module to be loaded. If an
unprivileged user can execute mount with a type to load a crafted image,
then there's no protection at all.

-Jeff

--
Jeff Mahoney
SUSE Labs
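
The three cases discussed in this thread (module blacklisted, module loaded in advance, module neither blacklisted nor loaded) can be told apart with a small audit script. This is an added example, not part of the original mail or of suse-module-tools. It assumes the module name equals the fstype, as it does for cramfs, and the config fragment and module list it writes are constructed sample data.

```shell
#!/bin/sh
# Added example: classify how "mount -t FSTYPE" behaves under a modprobe
# blacklist. Assumes the module name equals the fstype (true for cramfs).

# Print module names from "blacklist NAME" lines; '-' and '_' are equivalent.
blacklisted_modules() {
    awk '$1 == "blacklist" && NF >= 2 { gsub(/-/, "_", $2); print $2 }' "$1"
}

# fs_status CONF PROC_MODULES FSTYPE -> loaded | blocked | autoload
fs_status() {
    fs_name=$(printf '%s' "$3" | tr '-' '_')
    if awk -v m="$fs_name" '$1 == m { hit = 1 } END { exit !hit }' "$2"; then
        echo loaded      # already in the kernel: mount works, no module request
    elif blacklisted_modules "$1" | grep -qx -- "$fs_name"; then
        echo blocked     # module request fails: "unknown filesystem type"
    else
        echo autoload    # first mount pulls the module in on demand
    fi
}

# Write constructed sample inputs (not taken from a real system) into DIR.
make_sample() {
    cat > "$1/blacklist.conf" <<'EOF'
# constructed modprobe.d fragment
blacklist cramfs
blacklist minix
EOF
    # Same column layout as /proc/modules.
    cat > "$1/modules" <<'EOF'
minix 45056 1 - Live 0x0000000000000000
ext4 745472 2 - Live 0x0000000000000000
EOF
}

# Print one status line per filesystem type for the files in DIR.
report() {
    for fs in cramfs minix squashfs; do
        printf '%-9s %s\n' "$fs" "$(fs_status "$1/blacklist.conf" "$1/modules" "$fs")"
    done
}

sample_dir=$(mktemp -d)
make_sample "$sample_dir"
report "$sample_dir"
rm -rf "$sample_dir"
```

On a live system, pass a modprobe.d file and /proc/modules to `fs_status` instead of the sample files.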