Lennart Poettering on Nostr: And that for a reason: kernel file system developers mostly do not consider attacks ...
And that for a reason: kernel file system developers mostly do not consider attacks on the kernel through rogue file system images a security vulnerability. File systems are very complex data structures after all, and guaranteeing that a rogue fs image can't exploit the kernel (or just guarantee algorithmic boundedness) is very very hard. Moreover, file systems can carry dangerous things, such as SUID and SGID binaries, or executables with file system capabilities set.
Published at 2024-05-01 06:04:18

Event JSON
{
"id": "fd846c8bf03dfda11962d669d96f8268907d96651a408bdb16559d637c5a58e6",
"pubkey": "1d95c32d9a9d95a54f98eb2eaa156f3d3a71dc49eca2c960b2b89962758f1cc0",
"created_at": 1714543458,
"kind": 1,
"tags": [
[
"e",
"da131369be4379107c96790bde3d601cf9b8b8c13cd538bcdeaa935e8648f630",
"wss://relay.mostr.pub",
"reply"
],
[
"proxy",
"https://mastodon.social/users/pid_eins/statuses/112364320076133971",
"activitypub"
]
],
"content": "And that for a reason: kernel file system developers mostly do not consider attacks on the kernel through rogue file system images a security vulnerability. File systems are very complex data structures after all, and guaranteeing that a rogue fs image can't exploit the kernel (or just guarantee algorithmic boundedness) is very very hard. Moreover, file systems can carry dangerous things, such as SUID and SGID binaries, or executables with file system capabilities set.",
"sig": "15b297b5b16ee3fc728019751fd2846657b45e7e9307e486e5bcd5d2f18e95c607df2d514b47d3d7b3099daacf42cefd0fd85ade6cab2292927faf188c3cc96a"
}