Re: moving affs + RDB partition support to staging?

From: jdow
Date: Mon May 07 2018 - 00:55:02 EST


On 20180506 01:52, John Paul Adrian Glaubitz wrote:
On 04/27/2018 03:26 AM, jdow wrote:
And before I forget there are two features of the RDBs that I heartily recommend never implementing on Linux. They were good ideas at the time; but, times
changed. The RDBs are capable of storing a filesystem driver and some drive init code for the plugin disk driver card. That is giving malware authors entirely
goo easy a shot at owning a machine. Martin S., I would strongly suggest that going forward those two capabilities be removed from the RDB readers in AmigaOS
as well as Linux OS.

I assume removing the feature for AmigaOS isn't really possible since we don't have
the source code for that, do we?

Also, if I remember correctly, Mac partitions can store filesystem drivers as well
and its actually a feature being used in MacOS. parted received a patch some time
ago to fix the correct handling for storing the filesystem driver in the partition
table.

I would be generally against removing these features as I don't think the security
risk is relevant for the majority of users. The Amiga is a hobbyist machine these
days and AmigaOS has certainly way more on than way to be compromised through
vulnerabilities.

Adrian

You do not necessarily have the source for the device drivers. However the DriveInit code and the filesystem code get executed by the OS initialization code. The objection I have to the concept is that it's invisible to the user. The Linux filesystem code is either compiled into the kernel or is available in the libraries where it can be monitored at several levels from source code on up. Within AmigaDOS it can be monitored fairly easily by an AV tool - in theory. Alas, this is trying to lock the barn door after the barn has burned to the ground with a clever enough piece of malware. At least AmigaDOS AV tools should be expected to examine DriveInit and filesystem images on disk in the RDBs for malware modifications to those blocks. This is a burden Linux should not be forced to bear. So loading filesystems from RDBs instead of the more usual and accepted Linux practices should be disabled. And at least a portion of this discussion is Linux related. That's why I mentioned disabling the feature. While I cannot see much money in AmigaDOS related malware I can see it in Linux malware. And there's no real "glory" in launching malware on AmigaDOS. It's too easy a problem last I knew. "Whoopie, you have just proven you can ride a tricycle. Can't you do better?" (One could argue that AmigaDOS 1.0 was self-inflicted malware foisted on marvelous hardware for the era.)

{^_^} Joanne Dow