I am learning about linux security and struggling to understand why a USB stick with a character device on it is potentially dangerous.
If I have a USB stick with a bash executable that has setuid root on it, the danger is obvious: Anybody with such a USB stick can gain root privileges on my computer if I have an entry like
/dev/sdb1 /media/usbstick auto defaults 0 0
in my /etc/fstab because defaults includes suid.
But what about character devices? How can I use a character device to gain root privileges or break stuff if a USB stick with a character device on it gets mounted with dev or defaults?
Aucun commentaire:
Enregistrer un commentaire