|
|
Log in / Subscribe / Register

Udev rules and the management of the plumbing layer

Udev rules and the management of the plumbing layer

Posted Aug 14, 2008 13:23 UTC (Thu) by chsnyder (guest, #52714)
In reply to: Udev rules and the management of the plumbing layer by cortana
Parent article: Udev rules and the management of the plumbing layer 

Well okay, you need physical access to the box, which is pretty much game over in terms of
security anyway, so this is more of an annoyance than a security issue.

The system boots from internal scsi raid, but after kernel loads scsi and usb drivers, it
remounts the filesystems according to /etc/fstab. Problem is, the usb drive is seen first so
gets /dev/sda and the boot drive gets /dev/sdb. 

Bootup craps out because the usb drive doesn't have /sbin/init. I was thinking that if the usb
drive had a full, working Linux system on it, an attacker would have control of the system.
But lets face it, if someone can get to the box, plug in a usb drive, and reboot, you have
bigger problems.

I'll file a bug, but I remember seeing an earlier one that said that device assignments aren't
guaranteed, so use labels or uuids. The bug in that case should be filed on the installer.

to post comments

Risks of device naming

Posted Aug 17, 2008 20:14 UTC (Sun) by dark (guest, #8483) [Link]

I think it's still a security problem. You might have stuck in a USB stick in order to transfer data from it, and forgotten to take it out before rebooting. If that USB stick has a boot-time virus then you lose your system, even though it was never your intent to run any code from it.


Copyright © 2026, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds