Re: Malicious devices & vulnerabilties

[Ludwig Nussel <ludwig.nussel () suse de>]

Alistair Crooks wrote:
> On Mon, Jan 09, 2012 at 03:48:20AM +0800, Eugene Teo wrote:
> > On 01/08/2012 07:19 PM, Florian Weimer wrote:
> > > > I am wondering where to draw the line.  Should such device drivers
> > > > be considered vulnerable or not?  Thanks.
> > >
> > > I think they should be considered vulnerable.  Some applications need
> > > some robustness to attacks even from the local console (e.g., student
> > > computer rooms).
> > >
> > > USB is also a popular transport in many air-gapped environments.
> >
> > I would consider them vulnerable with low security impacts. If you are
> > fixing such issues, do post them to the list.
>
> One very interesting datapoint here is Antti Kantee's rump subsystem
> in NetBSD
>
>       http://www.netbsd.org/docs/rump/
>       http://blog.netbsd.org/tnf/entry/runnable_userspace_meta_programs_in
>
> which allows for userspace-mounting of devices and filesystems
> thereon.  Unknown provenance USB sticks are one of the use cases
> mentioned.

Nice. Using fuse for mounting hot plugged devices where performance
isn't a priority anyways is what I dream about sometimes too :-)
I wonder how hard it would be to create some glue code and re-use the
existing kernel fs drivers 1:1.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Jeff Hawn, Jennifer Guild, Felix Imendörffer, HRB 16746 (AG Nürnberg)