Received: by 10.192.165.148 with SMTP id m20csp2671607imm; Sun, 6 May 2018 21:55:23 -0700 (PDT) X-Google-Smtp-Source: AB8JxZq+hVuIgIAAATHDvuNsW9fVdVQAKA4EkZZhSahQwCSi66F+KUNYQtEZqjrj6YtjyG/RGTxw X-Received: by 2002:a17:902:7b97:: with SMTP id w23-v6mr29621976pll.116.1525668923016; Sun, 06 May 2018 21:55:23 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1525668922; cv=none; d=google.com; s=arc-20160816; b=1CLASfTHVQJRFu+57Dr3hjeRzJazkIhuO6s9exxg+YpR4QxkKPDdrYnBXlIoZztRlg Esj3lgVeOpJb2SCzWY/P5V88JmA+BeJ3S5RZtKus8pq8kWgNeFEAdglypedC4IT5w5Pi WH/Fj3CHWmv2fO5uCAju+MHIxOgbgIQZEm1vBTW3/oE+EeecINQRuCAFkAPS+eZXODrC +czb79jluMfBFEJ3dnJBbKtZc9/1CPPsKuEBD/gd+vHBiTfC2AEbG8anpfGq45jfGSkJ YDMiZ+g1ylEBxMz7GlhH1pKmTtfiRFtcIqK8jckMbxX4eM6NR/dQWstDgEZeINw2AtiI 602w== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:from:references:cc:to:subject:domainkey-signature :dkim-signature:arc-authentication-results; bh=hyb7ExrMzbFXTk/OLKlTyE44bayZUqdIJzf/sQ6fuoc=; b=oe/fl+rBWn0cR2KZhf5VlnhWmsjLOtSMDQ4lPsMgbo0GIjMRtQJTnPa2ujtnzEV8i2 +KGH0kdMCCSzW4cRJRlTISKF4qDE+4VaB6KEiUJQdk81gXit9YfHU7/XDxbmDFToC+OA ovWNXyDkIxbbflXOqxOIO8DrEmApeHdqI6tkIwD60Dj4I1Fzj4+/1GRecPMVILjWYpdd xwX01ZrVcJmpVpOLL5ZGcAnKKnYVIeNSaVcwpVzBXGiShFJ4uws+5mO5N31tGgQOXm6d ece25fp4q6hddY/9l05pcoR3xvfXMS6rOf0XkFZWYRl4crls9ZCbUpJ1hbL+VDbSSRZp C02A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@earthlink.net header.s=dk12062016 header.b=ZtQ/6RGC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=earthlink.net Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id 24si21444750pfr.242.2018.05.06.21.55.08; Sun, 06 May 2018 21:55:22 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; dkim=pass header.i=@earthlink.net header.s=dk12062016 header.b=ZtQ/6RGC; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=earthlink.net Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751988AbeEGEy5 (ORCPT + 99 others); Mon, 7 May 2018 00:54:57 -0400 Received: from elasmtp-curtail.atl.sa.earthlink.net ([209.86.89.64]:33538 "EHLO elasmtp-curtail.atl.sa.earthlink.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751082AbeEGEyx (ORCPT ); Mon, 7 May 2018 00:54:53 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=earthlink.net; s=dk12062016; t=1525668893; bh=hyb7ExrMzbFXTk/OLKlTyE44bayZUqdIJzf/ sQ6fuoc=; h=Received:Subject:To:Cc:References:From:Message-ID:Date: User-Agent:MIME-Version:In-Reply-To:Content-Type:Content-Language: Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; b=ZtQ/6RG CX6Kc/wEqF9UdMFrHiPgkXyRYCx3wAD4VTGro9wFGR/7diWTkgKHXhbkT61PX0B+BKN Chuhopk/4duBH59h5F6WJ7QnmKnTOtdEM5do6DqKUJBBveqqTrIq9+ca1IkHoomnqJX 9uhYlvWe57WMGJx4wTavNmpojjxB3q/a68KAyENjVk8iHOCje9KsmiYYFFvmdHVQZvW OrChhJDwHPMdRl+kIwMOeLcH3TQMVSFVxfYRbsHKr1KHVg73zr7yg5bti8PMY7zFmN5 8ZUl331Va3hgv6C1wuoM7kBv4obzluPHID2n4/lctBuA6usiFRuGpWqx3F5hBt+2AsQ == DomainKey-Signature: a=rsa-sha1; q=dns; c=nofws; s=dk12062016; d=earthlink.net; b=fIqFz4DkRKpSxALoNEbrWtB1ZCBsoYsI3nMLvv2XUbO5TYtDRMlRN1QqXg9mDTCHMkf3K42koutXqmUSe/3jEKY0HOZdV89niOLKp9PbmfDT9ZXyS44HjYSfmRVNiyE8dlUBGunUkKN5/ve0V955BpkTC3vR8T/0PgXH7ROpC+ZwnJrQSu1dCpFq3BbMWEtF8k+BhDuXfANe6dRvr96jypqhga6nDM+QZCSW+3nbJ26bGWuOaFOo/bnOyCAgPSL92ANIOpWFS4EsdQMjpz82pAdNmvVp9PGGp3kBY38yZKHZ0qb3UabRsZd2gsyN1Qrk36fzn3BXvNdA0HNw8QTHpw==; h=Received:Subject:To:Cc:References:From:Message-ID:Date:User-Agent:MIME-Version:In-Reply-To:Content-Type:Content-Language:Content-Transfer-Encoding:X-ELNK-Trace:X-Originating-IP; Received: from [68.183.100.23] (helo=[192.168.37.199]) by elasmtp-curtail.atl.sa.earthlink.net with esmtpa (Exim 4) (envelope-from ) id 1fFYAj-000B50-75; Mon, 07 May 2018 00:54:49 -0400 Subject: Re: moving affs + RDB partition support to staging? To: John Paul Adrian Glaubitz , Geert Uytterhoeven , Martin Steigerwald Cc: Matthew Wilcox , David Sterba , Linux FS Devel , Linux Kernel Mailing List , Jens Axboe , linux-m68k References: <20180425154602.GA8546@bombadil.infradead.org> <20180425203029.GQ21272@twin.jikos.cz> <20180426025717.GA32430@bombadil.infradead.org> <1613268.lKBQxPXt8J@merkaba> <7a997bb7-7f1c-e8b4-667c-3993f1d82e7c@earthlink.net> From: jdow Message-ID: Date: Sun, 6 May 2018 21:54:47 -0700 User-Agent: Mozilla/5.0 (Windows NT 10.0; WOW64; rv:52.0) Gecko/20100101 Thunderbird/52.7.0 MIME-Version: 1.0 In-Reply-To: Content-Type: text/plain; charset=utf-8; format=flowed Content-Language: en-US Content-Transfer-Encoding: 7bit X-ELNK-Trace: bb89ecdb26a8f9f24d2b10475b571120c608774229b1867d772ad4168e56cb39d1be6a00da4cd729350badd9bab72f9c350badd9bab72f9c350badd9bab72f9c X-Originating-IP: 68.183.100.23 Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 20180506 01:52, John Paul Adrian Glaubitz wrote: > On 04/27/2018 03:26 AM, jdow wrote: >> And before I forget there are two features of the RDBs that I heartily recommend never implementing on Linux. They were good ideas at the time; but, times >> changed. The RDBs are capable of storing a filesystem driver and some drive init code for the plugin disk driver card. That is giving malware authors entirely >> goo easy a shot at owning a machine. Martin S., I would strongly suggest that going forward those two capabilities be removed from the RDB readers in AmigaOS >> as well as Linux OS. > > I assume removing the feature for AmigaOS isn't really possible since we don't have > the source code for that, do we? > > Also, if I remember correctly, Mac partitions can store filesystem drivers as well > and its actually a feature being used in MacOS. parted received a patch some time > ago to fix the correct handling for storing the filesystem driver in the partition > table. > > I would be generally against removing these features as I don't think the security > risk is relevant for the majority of users. The Amiga is a hobbyist machine these > days and AmigaOS has certainly way more on than way to be compromised through > vulnerabilities. > > Adrian You do not necessarily have the source for the device drivers. However the DriveInit code and the filesystem code get executed by the OS initialization code. The objection I have to the concept is that it's invisible to the user. The Linux filesystem code is either compiled into the kernel or is available in the libraries where it can be monitored at several levels from source code on up. Within AmigaDOS it can be monitored fairly easily by an AV tool - in theory. Alas, this is trying to lock the barn door after the barn has burned to the ground with a clever enough piece of malware. At least AmigaDOS AV tools should be expected to examine DriveInit and filesystem images on disk in the RDBs for malware modifications to those blocks. This is a burden Linux should not be forced to bear. So loading filesystems from RDBs instead of the more usual and accepted Linux practices should be disabled. And at least a portion of this discussion is Linux related. That's why I mentioned disabling the feature. While I cannot see much money in AmigaDOS related malware I can see it in Linux malware. And there's no real "glory" in launching malware on AmigaDOS. It's too easy a problem last I knew. "Whoopie, you have just proven you can ride a tricycle. Can't you do better?" (One could argue that AmigaDOS 1.0 was self-inflicted malware foisted on marvelous hardware for the era.) {^_^} Joanne Dow