top | item 42392697

(no title)

mgsouth | 1 year ago

[This is a link to a Mastodon infosec topic. I've completely editorialized the page title, so am posting as Tell HN instead.] [Edit: Well, I submitted it that way. HN stripped the "Tell HN:". The original page's title is pretty useless, so don't know what the proper thing to do is.]

EXT (all versions) has a filesystem flag telling the kernel to panic on FS error. In the link, Will Dormann demonstrates inserting a USB key with a malicous image and instantly rebooting the PC.

In this case, the laptop had USB auto-mounting enabled. However, I believe this should apply to any mounts against user-modifiable or -specifiable sources. NFS, FUSE, user namespaces, even local files with "-o loop" option. And the MOUNT(8) man page has this interesting tidbit:

    Since util-linux 2.35, mount does not exit when user permissions are
    inadequate according to libmount’s internal security rules. Instead, it
    drops suid permissions and continues as regular non-root user. This
    behavior supports use-cases where root permissions are not necessary
    (e.g., fuse filesystems, user namespaces, etc).

discuss

No comments yet.