oss-sec mailing list archives
Re: Malicious devices & vulnerabilties
From: Alistair Crooks <agc () netbsd org>
Date: Sun, 8 Jan 2012 22:18:07 +0100
On Mon, Jan 09, 2012 at 03:48:20AM +0800, Eugene Teo wrote:
On 01/08/2012 07:19 PM, Florian Weimer wrote:* Xi Wang:I am wondering where to draw the line. Should such device drivers be considered vulnerable or not? Thanks.I think they should be considered vulnerable. Some applications need some robustness to attacks even from the local console (e.g., student computer rooms). USB is also a popular transport in many air-gapped environments.I would consider them vulnerable with low security impacts. If you are fixing such issues, do post them to the list.
One very interesting datapoint here is Antti Kantee's rump subsystem in NetBSD http://www.netbsd.org/docs/rump/ http://blog.netbsd.org/tnf/entry/runnable_userspace_meta_programs_in which allows for userspace-mounting of devices and filesystems thereon. Unknown provenance USB sticks are one of the use cases mentioned. + rump_msdos: USB sticks with FAT file systems are a common sight. Mounting an untrusted image from removable media with the file system driver running in the kernel is risky in many ways: inopportune unplugging of the media or a corrupted file system may have adverse effects such as system crashes or worse. By using the rump_msdos command instead of mount_msdos, the file system service runs in userspace and is accessed via puffs. This isolates the main kernel from any resulting problems such as buffer overflows. The usage of mount_msdos and rump_msdos are equivalent... If USB is a transport in air-gapped environments, I personally have a concern with that. A good thing airgaps aren't used for anything in RL, right? ;-) Regards, Alistair PS. Obvious disclaimer - I am biased. PPS. Just reading REAMDE right now -- Alistair Crooks {agc,security-officer}@NetBSD.org
Current thread:
- Malicious devices & vulnerabilties Xi Wang (Jan 07)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 08)
- Re: Malicious devices & vulnerabilties Eugene Teo (Jan 08)
- Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 08)
- Re: Malicious devices & vulnerabilties Ludwig Nussel (Jan 09)
- Re: Malicious devices & vulnerabilties Alistair Crooks (Jan 09)
- Re: Malicious devices & vulnerabilties Eugene Teo (Jan 08)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 08)
- Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
- Re: Malicious devices & vulnerabilties Eitan Adler (Jan 08)
- Re: Malicious devices & vulnerabilties Xi Wang (Jan 08)
- Re: Malicious devices & vulnerabilties Vasiliy Kulikov (Jan 09)
- Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 08)
- Re: Malicious devices & vulnerabilties Florian Weimer (Jan 09)
- Re: Malicious devices & vulnerabilties Kurt Seifried (Jan 09)