Re: moving affs + RDB partition support to staging?
From: jdow
Date: Mon May 07 2018 - 00:55:02 EST

On 20180506 01:52, John Paul Adrian Glaubitz wrote:
> On 04/27/2018 03:26 AM, jdow wrote:
>> And before I forget there are two features of the RDBs that I heartily recommend never implementing on Linux. They were good ideas at the time; but, times
>> changed. The RDBs are capable of storing a filesystem driver and some drive init code for the plugin disk driver card. That is giving malware authors entirely
>> too easy a shot at owning a machine. Martin S., I would strongly suggest that going forward those two capabilities be removed from the RDB readers in AmigaOS
>> as well as Linux OS.
>
> I assume removing the feature for AmigaOS isn't really possible since we don't have
> the source code for that, do we?
>
> Also, if I remember correctly, Mac partitions can store filesystem drivers as well
> and it's actually a feature being used in MacOS. parted received a patch some time
> ago to fix the correct handling for storing the filesystem driver in the partition
> table.
>
> I would be generally against removing these features as I don't think the security
> risk is relevant for the majority of users. The Amiga is a hobbyist machine these
> days and AmigaOS has certainly way more than one way to be compromised through
> vulnerabilities.
>
> Adrian

You do not necessarily have the source for the device drivers. However the
DriveInit code and the filesystem code get executed by the OS initialization
code. The objection I have to the concept is that it's invisible to the user.
The Linux filesystem code is either compiled into the kernel or is available in
the libraries where it can be monitored at several levels from source code on
up. Within AmigaDOS it can be monitored fairly easily by an AV tool - in theory.
Alas, this is trying to lock the barn door after the barn has burned to the
ground with a clever enough piece of malware. At least AmigaDOS AV tools should
be expected to examine DriveInit and filesystem images on disk in the RDBs for
malware modifications to those blocks. This is a burden Linux should not be
forced to bear. So loading filesystems from RDBs instead of the more usual and
accepted Linux practices should be disabled. And at least a portion of this
discussion is Linux related. That's why I mentioned disabling the feature. While
I cannot see much money in AmigaDOS related malware I can see it in Linux
malware. And there's no real "glory" in launching malware on AmigaDOS. It's too
easy a problem last I knew. "Whoopie, you have just proven you can ride a
tricycle. Can't you do better?" (One could argue that AmigaDOS 1.0 was
self-inflicted malware foisted on marvelous hardware for the era.)
{^_^} Joanne Dow
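
The check suggested in the message above (examining the RDB for DriveInit and filesystem images) can start by making their presence visible. The following is an added example, not part of the original message or of any kernel or AmigaOS code: it locates the RDSK block in a disk image and reports whether the rdb_FileSysHeaderList and rdb_DriveInit pointers are set. It assumes 512-byte blocks; the function names and the sample images are constructed for illustration.

```python
import struct

RDSK_ID = 0x5244534B    # 'RDSK', the rdb_ID of a RigidDiskBlock
NULL_PTR = 0xFFFFFFFF   # RDB marker for "no block"
SEARCH_BLOCKS = 16      # the RDSK block lies within the first 16 blocks
BLOCK = 512             # assumption: 512-byte blocks

def checksum_ok(block):
    """The first rdb_SummedLongs big-endian longs must sum to 0 mod 2**32."""
    n = struct.unpack_from(">I", block, 4)[0]
    if not 0 < n <= len(block) // 4:
        return False
    return sum(struct.unpack_from(">%dI" % n, block)) & 0xFFFFFFFF == 0

def audit_rdb(image):
    """Report embedded-code pointers of the first valid RDSK block, else None."""
    for blk in range(SEARCH_BLOCKS):
        block = image[blk * BLOCK:(blk + 1) * BLOCK]
        if len(block) < BLOCK:
            break
        if struct.unpack_from(">I", block, 0)[0] != RDSK_ID:
            continue
        if not checksum_ok(block):
            continue
        # Byte offsets 32 and 36: rdb_FileSysHeaderList, rdb_DriveInit
        fshd, drive_init = struct.unpack_from(">2I", block, 32)
        return {
            "rdsk_block": blk,
            "filesystem_header_block": None if fshd == NULL_PTR else fshd,
            "drive_init_block": None if drive_init == NULL_PTR else drive_init,
        }
    return None

def make_rdsk(fshd, drive_init):
    """Constructed sample: a minimal RDSK block with a valid checksum."""
    longs = [RDSK_ID, 64, 0, 7, BLOCK, 0, NULL_PTR, NULL_PTR, fshd, drive_init]
    longs += [NULL_PTR] * 6 + [0] * (128 - 16)
    longs[2] = -sum(longs[:64]) & 0xFFFFFFFF  # rdb_ChkSum brings the sum to zero
    return struct.pack(">128I", *longs)

if __name__ == "__main__":
    clean = bytes(BLOCK) + make_rdsk(NULL_PTR, NULL_PTR)
    loaded = bytes(BLOCK * 2) + make_rdsk(3, 9)
    for name, img in (("clean", clean), ("loaded", loaded)):
        print(name, audit_rdb(img))
```

A non-None `filesystem_header_block` or `drive_init_block` means the disk carries code the RDB asks the OS to load, which is the point at which an audit tool would go on to inspect those blocks.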