From: Jonas Meurer <jonas@freesources.org>
To: dm-crypt@saout.de
Subject: Re: [dm-crypt] About CVE-2016-4484: - Cryptsetup Initrd root Shell
Date: Wed, 16 Nov 2016 01:08:31 +0100 [thread overview]
Message-ID: <70a8f691-e02e-c2c9-b206-0e2bc028e113@freesources.org> (raw)
In-Reply-To: <20161115235254.GA13171@tansi.org>
[-- Attachment #1.1: Type: text/plain, Size: 1911 bytes --]
Hi list,
Am 16.11.2016 um 00:52 schrieb Arno Wagner:
> On Wed, Nov 16, 2016 at 00:28:50 CET, Sven Eschenberg wrote:
> [...]
>> The CVE however assumed, that you can not simply access the internal
>> parts of the machine. Still, more fuzz than substance in that CVE,
>> if you ask me.
>
> My take also. Probably some ego-boosting going on
> somewhere in this affair. The whole set-up seems
> contrieved to me and not of general applicability
> enough to make this a CVE or even a real defect.
>
> At best, I see a mild violation of the "Principle of
> least surprise". Anybody that really needs the
> "security" the fix provides has far bigger problems.
I agree that the whole issue is slightly overexaggerated and there's a
lot of clickbaiting going on in the news about it. [1]
Still I agree with the reporters that there are special scenarios where
the discovered flaw can be considered as vulnerability: For setups where
the attacker has physical access to keyboard but not to the computer and
both BIOS and bootloader are locked.
This is a very special setup but I can imagine that it exists at public
computers like in libraries, universities, bars, ...
While I don't agree on the way this issue was handled and I'm not
convinced that it deserves a CVE, I agree that we (as the distribution
developers/maintainers) should fix it in some way.
At the moment I'm inclined to suggest to propose a change to
initramfs-tools which disables the dropping to emergency shell per
default and reboots/freezes instead. Dropping to emergency shell in case
of an error during initramfs could be activated manually through a boot
parameter.
Cheers,
jonas
[1] an extreme example is the headline "Major Linux security hole found
in Cryptsetup script for LUKS disk encryption", found here:
http://betanews.com/2016/11/15/linux-security-bug-cryptsetup-luks/
[-- Attachment #2: OpenPGP digital signature --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
next prev parent reply other threads:[~2016-11-16 0:46 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2016-11-15 12:34 [dm-crypt] About CVE-2016-4484: - Cryptsetup Initrd root Shell Milan Broz
2016-11-15 13:27 ` Arno Wagner
2016-11-15 13:32 ` Sven Eschenberg
2016-11-15 15:18 ` Robert Nichols
2016-11-15 18:40 ` Sven Eschenberg
2016-11-15 19:19 ` Robert Nichols
2016-11-15 19:42 ` Sven Eschenberg
2016-11-15 22:51 ` Robert Nichols
2016-11-15 23:15 ` Michael Kjörling
2016-11-15 23:28 ` Sven Eschenberg
2016-11-15 23:52 ` Arno Wagner
2016-11-16 0:08 ` Jonas Meurer [this message]
2016-11-16 1:15 ` Sven Eschenberg
2016-11-16 7:32 ` Milan Broz
2016-11-16 13:48 ` Arno Wagner
2016-11-29 14:56 ` David Niklas
2016-12-07 11:37 ` Jonas Meurer
2016-12-07 13:00 ` Arno Wagner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=70a8f691-e02e-c2c9-b206-0e2bc028e113@freesources.org \
--to=jonas@freesources.org \
--cc=dm-crypt@saout.de \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.