Re: gpart device permissions security hole (/dev/geom.ctl)

From: Miroslav Lachman <000.fbsd_at_quip.cz>
Date: Sat, 24 Feb 2024 20:40:13 UTC

On 24/02/2024 21:00, Vincent Stemen wrote:
> On Sat, Feb 24, 2024 at 04:40:00PM +0100, Miroslav Lachman wrote:
>> I agree with this security problem. Just a small note - there are
>> backups of partitions (/var/backups/gpart.*) created by periodic script
>> /etc/periodic/daily/221.backup-gpart (if you have
>> daily_backup_gpart_enable="YES" in your /etc/periodic.conf or in a
>> /etc/defaults/periodic.conf which is the default). That way you can get
>> back the number plate on your house in some cases.
> 
> Thanks.  That's good to know.  I was not aware of those features of
> periodic.

Almost nobody knows. There are 3 scripts to back up disk information:
221.backup-gpart
222.backup-gmirror
223.backup-zfs
They are "newly" in base but were in some PR for many years. I'm the 
co-author.
With these 3 periodic scripts I think more than 95% of users can recover / 
restore disk layout. Some corner cases with different GEOM classes are 
not covered, but usual gmirror + UFS, or ZFS should be covered.

Kind regards
Miroslav Lachman