Mailinglist Archive: opensuse-factory (602 mails)

< Previous Next >
Re: [opensuse-factory] Re: [PLEASE SPEAK UP] Disabling legacy file systems by default?


On 02/02/2019 04:12, Jim E Bonfiglio wrote:
Hi Simon- I would challenge you to examine the feasibility of such a
containment across the entirety of the storage subsystem as this ought
to be a significant value add to SLES customers, not to mention
openSUSE users. As far as I'm aware it is not necessary to disable
features of a subsystem to eliminate its attack surface.

Per my previous reply to Martin Wilck, I would not complain should all
file systems be "made secure" however I don't think that is necessary
as all file systems have already had or willl very likely have in the
future a security vulnerability discovered such that work becomes
necessary to correct the vulnerability. In lieu of addressing each
insecure file systems through correction or disablement, the attack
surface could be eliminated instead vis-à-vis some sort of virtualized
layer between the subsystem and its connecting components.

In lieu of a virtualized layer between the subsystem and its connecting
components, I suppose disabling the file systems would eliminate the
current risk, but does not address future risk to any sort of CVE
bulletin or other discovery regarding file system vulnerability. I
strongly recommend addressing the root cause of this attack surface
rather than reducing the size of the surface itself.


Best, Jim

Well that is also well outside my scope, Given SUSE's upstream first
policy such a set of changes would have to be developed in the upstream
kernel before we adopted them. In SUSE / openSUSE, even if someone is
willing to completely revamp the storage subsystem and do it in such a
way that doesn't cause a significant performance hit the process will
still take at least a year likely more before it reaches our kernels
which means we need to do something in the mean time of which disabling
uncommonly used and not well maintained filesystems makes sense.

Even if it was re written it would still have bugs as any sufficiently
complex software does and eventually someone would find a way to exploit
such.

--

Simon Lees (Simotek) http://simotek.net

Emergency Update Team keybase.io/simotek
SUSE Linux Adelaide Australia, UTC+10:30
GPG Fingerprint: 5B87 DB9D 88DC F606 E489 CEC5 0922 C246 02F0 014B

< Previous Next >
List Navigation
This Thread
Follow Ups