From nobody Sat Feb 24 20:40:13 2024
X-Original-To: stable@mlmmj.nyi.freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1])
	by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4ThzKL4p1dz5BYZW
	for <stable@mlmmj.nyi.freebsd.org>; Sat, 24 Feb 2024 20:40:22 +0000 (UTC)
	(envelope-from SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz)
Received: from elsa.codelab.cz (elsa.codelab.cz [94.124.105.4])
	(using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits))
	(Client did not present a certificate)
	by mx1.freebsd.org (Postfix) with ESMTPS id 4ThzKK2W5tz4Lc7
	for <stable@freebsd.org>; Sat, 24 Feb 2024 20:40:21 +0000 (UTC)
	(envelope-from SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz)
Authentication-Results: mx1.freebsd.org;
	dkim=pass header.d=quip.cz header.s=private header.b=WZg3c08+;
	dkim=pass header.d=quip.cz header.s=private header.b="D/Fz8W/Z";
	dmarc=none;
	spf=none (mx1.freebsd.org: domain of "SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz" has no SPF policy when checking 94.124.105.4) smtp.mailfrom="SRS0=G+MS=KB=quip.cz=000.fbsd@elsa.codelab.cz"
Received: from elsa.codelab.cz (localhost [127.0.0.1])
	by elsa.codelab.cz (Postfix) with ESMTP id 835FFD788F
	for <stable@freebsd.org>; Sat, 24 Feb 2024 21:40:18 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private;
	t=1708807218; bh=p5qSWmSh0LREX0yBBv1F/uW9yFLOwadAT6auLBSiObA=;
	h=Date:Subject:To:References:From:In-Reply-To;
	b=WZg3c08+ciOXE0E6lYJouMPUQoVKZsJkmN65CWm6slrLi19V1DPwL9uCmnoyVfh0A
	 vO8MhQnRZ7TdjN1mIa4fhh7kFlLjqQ2bxy3V+xe1BjSqBcDk16Fc/xsTXg6eQZ+ar/
	 OT8iFUWc3yuGA9+xuNMbNvCVlg1d0L80PvHf9Ll4=
Received: from [192.168.145.49] (ip-89-177-27-225.bb.vodafone.cz [89.177.27.225])
	(using TLSv1.2 with cipher ECDHE-RSA-AES128-GCM-SHA256 (128/128 bits))
	(No client certificate requested)
	by elsa.codelab.cz (Postfix) with ESMTPSA id 51E35D7884
	for <stable@freebsd.org>; Sat, 24 Feb 2024 21:40:14 +0100 (CET)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quip.cz; s=private;
	t=1708807214; bh=p5qSWmSh0LREX0yBBv1F/uW9yFLOwadAT6auLBSiObA=;
	h=Date:Subject:To:References:From:In-Reply-To;
	b=D/Fz8W/ZkO4k6AnuMT051pKmNqHB5TkppjWAjYYQBC5IaXRUIJq1ieEYRVolDvBrh
	 pCLSttUyUOjvQwRXeFazUDJtr1jeryVj32vhTm54c7jYyS+N/cyfAGhWusI72/FGUo
	 qffv7H54wM0Z81/ShCnXcsFvXIk++uSm/eFh2EVk=
Message-ID: <4de9c605-c93d-4286-a402-0bc52e9d62ff@quip.cz>
Date: Sat, 24 Feb 2024 21:40:13 +0100
List-Id: Production branch of FreeBSD source code <freebsd-stable.freebsd.org>
List-Archive: https://lists.freebsd.org/archives/freebsd-stable
List-Help: <mailto:stable+help@freebsd.org>
List-Post: <mailto:stable@freebsd.org>
List-Subscribe: <mailto:stable+subscribe@freebsd.org>
List-Unsubscribe: <mailto:stable+unsubscribe@freebsd.org>
Sender: owner-freebsd-stable@freebsd.org
X-BeenThere: freebsd-stable@freebsd.org
MIME-Version: 1.0
User-Agent: Mozilla Thunderbird
Subject: Re: gpart device permissions security hole (/dev/geom.ctl)
Content-Language: en-US
To: stable@freebsd.org
References: <ZdE2Hm6y5Fel2etP@marble.hightek.org>
 <slrnutei1n.1ebh.pmc@disp.intra.daemon.contact>
 <Zde7TAehUyMvDQ5F@marble.hightek.org>
 <2421f1a5-d924-4912-abff-e000e41f5459@quip.cz>
 <ZdpK6ltoUgnTSmba@marble.hightek.org>
From: Miroslav Lachman <000.fbsd@quip.cz>
In-Reply-To: <ZdpK6ltoUgnTSmba@marble.hightek.org>
Content-Type: text/plain; charset=UTF-8; format=flowed
Content-Transfer-Encoding: 7bit
X-Spamd-Bar: --
X-Spamd-Result: default: False [-2.98 / 15.00];
	NEURAL_HAM_LONG(-1.00)[-1.000];
	NEURAL_HAM_MEDIUM(-1.00)[-1.000];
	NEURAL_HAM_SHORT(-0.99)[-0.991];
	FORGED_SENDER(0.30)[000.fbsd@quip.cz,SRS0=G@elsa.codelab.cz];
	R_DKIM_ALLOW(-0.20)[quip.cz:s=private];
	MIME_GOOD(-0.10)[text/plain];
	XM_UA_NO_VERSION(0.01)[];
	R_SPF_NA(0.00)[no SPF record];
	RCVD_VIA_SMTP_AUTH(0.00)[];
	RCPT_COUNT_ONE(0.00)[1];
	DMARC_NA(0.00)[quip.cz];
	MIME_TRACE(0.00)[0:+];
	ASN(0.00)[asn:42000, ipnet:94.124.104.0/21, country:CZ];
	MID_RHS_MATCH_FROM(0.00)[];
	MLMMJ_DEST(0.00)[stable@freebsd.org];
	ARC_NA(0.00)[];
	RCVD_COUNT_TWO(0.00)[2];
	FROM_NEQ_ENVFROM(0.00)[000.fbsd@quip.cz,SRS0=G@elsa.codelab.cz];
	FROM_HAS_DN(0.00)[];
	RCVD_TLS_LAST(0.00)[];
	TO_DN_NONE(0.00)[];
	PREVIOUSLY_DELIVERED(0.00)[stable@freebsd.org];
	TAGGED_FROM(0.00)[MS=KB=quip.cz=000.fbsd];
	TO_MATCH_ENVRCPT_ALL(0.00)[];
	DKIM_TRACE(0.00)[quip.cz:+]
X-Rspamd-Queue-Id: 4ThzKK2W5tz4Lc7

On 24/02/2024 21:00, Vincent Stemen wrote:
> On Sat, Feb 24, 2024 at 04:40:00PM +0100, Miroslav Lachman wrote:
>> I agree with this security problem. Just a small note - there are
>> backups of partitions (/var/backups/gpart.*) created by periodic script
>> /etc/periodic/daily/221.backup-gpart (if you have
>> daily_backup_gpart_enable="YES" in your /etc/periodic.conf or in a
>> /etc/defaults/periodic.conf which is the default). That way you can get
>> back the number plate on you house in some cases.
> 
> Thanks.  That's good to know.  I was not aware of those features of
> periodic.

Almost nobody knows. There are 3 scripts to backup disk information:
221.backup-gpart
222.backup-gmirror
223.backup-zfs
They are "newly" in base but was in some PR for many years. I'm the 
co-author.
With these 3 periodic scripts I think more than 95% users can recover / 
restore disk layout. Some corner cases with different GEOM classes are 
not covered, but usual gmirror + UFS, or ZFS should be covered.

Kind regards
Miroslav Lachman