[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Security support status of xnf(4) and xbf(4)



Linux’s netfront and blkfront drivers recently had a security
vulnerability (XSA-396) that allowed a malicious backend to potentially
compromise them.  In follow-up audits, I found that OpenBSD’s xnf(4)
currently trusts the backend domain.  I reported this privately to Theo
de Raadt, who indicated that OpenBSD does not consider this to be a
security concern.

This is obviously a valid position for the OpenBSD project to take, but
it is surprising to some (such as myself) from the broader Xen
ecosystem.  Standard practice in the Xen world is that bugs in frontends
that allow a malicious backend to cause mischief *are* considered
security bugs unless there is explicit documentation to the contrary.
As such, I believe this deserves to be noted in xnf(4) and xbf(4)’s man
pages.  If the OpenBSD project agrees, I am willing to write a patch,
but I have no experience with mandoc so it might take a few tries.
-- 
Sincerely,
Demi Marie Obenour (she/her/hers)
Invisible Things Lab

Attachment: signature.asc
Description: PGP signature


 


Rackspace

Lists.xenproject.org is hosted with RackSpace, monitoring our
servers 24x7x365 and backed by RackSpace's Fanatical Support®.