[zfs-discuss] Failed to Import Pool via Cache File

Gregor Kopka (@zfs-discuss) zfs-discuss at kopka.net
Mon Dec 18 15:06:48 EST 2017



On 18.12.2017 at 20:21, Gena Makhomed via zfs-discuss wrote:
> On 18.12.2017 21:05, Gregor Kopka (@zfs-discuss) via zfs-discuss wrote:
>
>> Ceterum censeo /etc/zpool.cache should be abolished.
>
> zfs-import-scan.service has security vulnerabilities
My guess would be that the issue you raise is that the /zpool import -a/
it issues will pull in any pools it finds, a subsequent /zfs mount -a/
will happily mount filesystems from any pool that is imported at that
point - thus one would be able to add a USB drive, reboot, have the
pool in it imported and e.g. replace /root/.ssh to access the system.

IMHO moot as physically accessing a box always allows one to compromise it,
be it by putting the OS that boots into a VM to get at the keys.
Also, in my view, the bigger security vulnerability is systemd here
(hence I don't support or use /that/ abomination), but that's a
different discussion.

My point isn't that zfs should scan for any pool it can find but that
there should be a /text/ configuration file (left alone by ZFS)
containing a list of pools to import (and mount) in the given order.
With zpool.cache being a /binary/ file that is /magically/ updated (by
zpool import/export invocations) with the set of pools to import it
doesn't look like good unix style to me.

Gregor
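
The proposal in the message above, a plain-text list of pools imported in the given order instead of /zpool import -a/, sketched as an added example (not code from the original post or from the ZFS project). The path /etc/zfs/pools.list, its one-name-per-line format and the function names are assumptions; the name check is a conservative subset of what zpool accepts.

```shell
#!/bin/sh
# Added example: import only pools named in a text allowlist, in file order.
# POOL_LIST is a hypothetical path; ZFS itself does not read this file.
LC_ALL=C; export LC_ALL
POOL_LIST="${POOL_LIST:-/etc/zfs/pools.list}"

# Print the pool names from the list file, one per line, in file order.
# Blank lines and '#' comments are skipped. Any entry that does not start
# with a letter or contains characters outside [A-Za-z0-9_.:-] makes the
# function return non-zero, so a line such as "-f something" never reaches
# the zpool command line.
read_pool_list() {
    [ -r "$1" ] || { echo "cannot read pool list: $1" >&2; return 2; }
    rc=0
    while IFS= read -r line || [ -n "$line" ]; do
        line=${line%%#*}    # drop a trailing comment
        name=$(printf '%s' "$line" | sed 's/^[[:space:]]*//; s/[[:space:]]*$//')
        [ -z "$name" ] && continue
        case $name in
            [!A-Za-z]*|*[!A-Za-z0-9_.:-]*)
                echo "rejecting invalid pool name: $name" >&2
                rc=1 ;;
            *)
                printf '%s\n' "$name" ;;
        esac
    done < "$1"
    return $rc
}

# Import exactly the listed pools. Fails closed: if any entry is invalid,
# nothing is imported. With DRY_RUN=1 (the default here) the commands are
# printed instead of executed; pools not in the list are never touched.
import_listed_pools() {
    pools=$(read_pool_list "$1") || return 1
    for pool in $pools; do      # safe to split: names were validated above
        if [ "${DRY_RUN:-1}" = 1 ]; then
            echo "zpool import $pool"
        else
            zpool import "$pool" || echo "import failed: $pool" >&2
        fi
    done
}

# Usage: DRY_RUN=0 import_listed_pools "$POOL_LIST"
```

A pool on a newly attached drive is imported only if an administrator has added its name to the list, which is the property the text file is meant to provide over a scan of all visible devices.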
