Groups | Search | Server Info | Keyboard shortcuts | Login | Register [http] [https] [nntp] [nntps]
Groups > comp.os.linux.security > #53 > unrolled thread
| Started by | Günther Schwarz <strap@gmx.de> |
|---|---|
| First post | 2011-11-01 20:31 +0000 |
| Last post | 2011-12-17 16:32 +0000 |
| Articles | 6 — 4 participants |
Back to article view | Back to comp.os.linux.security
Write protection on SD cards Günther Schwarz <strap@gmx.de> - 2011-11-01 20:31 +0000
Re: Write protection on SD cards Lusotec <nomail@nomail.not> - 2011-11-01 21:48 +0000
Re: Write protection on SD cards Tobias Blass <tobiasblass@gmx.net> - 2011-11-02 13:10 +0000
Re: Write protection on SD cards Günther Schwarz <strap@gmx.de> - 2011-11-05 11:51 +0000
Re: Write protection on SD cards mcanswer@mcanswer.pl - 2011-12-17 07:51 +0100
Re: Write protection on SD cards Günther Schwarz <strap@gmx.de> - 2011-12-17 16:32 +0000
| From | Günther Schwarz <strap@gmx.de> |
|---|---|
| Date | 2011-11-01 20:31 +0000 |
| Subject | Write protection on SD cards |
| Message-ID | <9hb396F3fcU1@mid.individual.net> |
Most SD flash cards do have a little plastic thing for write protection. As far as I understand this is not connected to the electronics of the card but rather informs the card reader which in turn sends a read-only flag to the host (some readers do ignore the switch). How secure is this with Linux as the host OS? Will it be possible to force a mount with rw option? The background of my question is that I could make good use of a read- only device other than a optical disk on some systems. USB sticks with a switch for write protection seem to be as rare as hen's teeth today. Günther
[toc] | [next] | [standalone]
| From | Lusotec <nomail@nomail.not> |
|---|---|
| Date | 2011-11-01 21:48 +0000 |
| Message-ID | <j8ppfe$elb$1@dont-email.me> |
| In reply to | #53 |
Günther Schwarz wrote: > Most SD flash cards do have a little plastic thing for write protection. > As far as I understand this is not connected to the electronics of the > card but rather informs the card reader which in turn sends a read-only > flag to the host (some readers do ignore the switch). How secure is this > with Linux as the host OS? Will it be possible to force a mount with rw > option? > The background of my question is that I could make good use of a read- > only device other than a optical disk on some systems. USB sticks with a > switch for write protection seem to be as rare as hen's teeth today. > > Günther Linux respects the write protection of SD cards I get this line "sd 6:0:0:0: [sde] Write Protect is on" in dmesg after inserting a write protected SD card in this GNU/Linux system. Trying to mount as RW gives the produces the following message. $ LANGUAGE=C mount -o rw /dev/sdb1 /mnt/tmp/ mount: block device /dev/sdb1 is write-protected, mounting read-only I don't know If there is a way to force Linux to ignore the write protection. Regards.
[toc] | [prev] | [next] | [standalone]
| From | Tobias Blass <tobiasblass@gmx.net> |
|---|---|
| Date | 2011-11-02 13:10 +0000 |
| Message-ID | <j8rfg7$6n8$1@dont-email.me> |
| In reply to | #53 |
On 2011-11-01, Günther Schwarz <strap@gmx.de> wrote: > Most SD flash cards do have a little plastic thing for write protection. > As far as I understand this is not connected to the electronics of the > card but rather informs the card reader which in turn sends a read-only > flag to the host (some readers do ignore the switch). How secure is this > with Linux as the host OS? Will it be possible to force a mount with rw > option? > The background of my question is that I could make good use of a read- > only device other than a optical disk on some systems. USB sticks with a > switch for write protection seem to be as rare as hen's teeth today. > I think it's not *easy* to force an rw mount, so if you just want to prevent accidental write access it should be sufficient. But if you (and I think that's what you mean) want to prevent malicious writes I don't think it's enough. I don't know whether there is something like a mount option, but the attacker could (root access provided) e.g. load a kernel module or install another kernel that does not check the write protection switch.
[toc] | [prev] | [next] | [standalone]
| From | Günther Schwarz <strap@gmx.de> |
|---|---|
| Date | 2011-11-05 11:51 +0000 |
| Message-ID | <9hkma2Fcu3U1@mid.individual.net> |
| In reply to | #55 |
Tobias Blass wrote: > On 2011-11-01, Günther Schwarz <strap@gmx.de> wrote: >> Most SD flash cards do have a little plastic thing for write >> protection. As far as I understand this is not connected to the >> electronics of the card but rather informs the card reader which in >> turn sends a read-only flag to the host (some readers do ignore the >> switch). How secure is this with Linux as the host OS? Will it be >> possible to force a mount with rw option? >> The background of my question is that I could make good use of a read- >> only device other than a optical disk on some systems. USB sticks with >> a switch for write protection seem to be as rare as hen's teeth today. >> > I think it's not *easy* to force an rw mount, so if you just want to > prevent accidental write access it should be sufficient. But if you (and > I think that's what you mean) want to prevent malicious writes I don't > think it's enough. I don't know whether there is something like a mount > option, but the attacker could (root access provided) e.g. load a kernel > module or install another kernel that does not check the write > protection switch. You understood that correctly. The device is supposed to survive in a clean state in case the systems gets compromised and thus allow for a fresh installation without having to insert a CD or doing a PXE boot. It should be better in this respect than an extra partition on the main hard disk. But still the security needs are moderate. From your comment and from what I find in the web it seems that ignoring the ro-flag is something that might be sufficiently rare and unlikely to accept it as a risk. Still a device that enforces write protection on the hardware level would be better, of course. Günther
[toc] | [prev] | [next] | [standalone]
| From | mcanswer@mcanswer.pl |
|---|---|
| Date | 2011-12-17 07:51 +0100 |
| Message-ID | <7tobv7pu6a.fsf@leeloo.local.mcanswer.pl> |
| In reply to | #57 |
Günther Schwarz <strap@gmx.de> writes: > Tobias Blass wrote: > >> On 2011-11-01, Günther Schwarz <strap@gmx.de> wrote: >> the attacker could (root access provided) e.g. load a kernel >> module or install another kernel that does not check the write >> protection switch. > > You understood that correctly. The device is supposed to survive in a > clean state in case the systems gets compromised and thus allow for a > fresh installation without having to insert a CD or doing a PXE boot. It > should be better in this respect than an extra partition on the main hard > disk. But still the security needs are moderate. You can always use some mandatory access control preventing attacker from access to this device and/or from load kernel modules. The first one could be done by SeLinux or RBAC, second one by for ex. GrSecurity
[toc] | [prev] | [next] | [standalone]
| From | Günther Schwarz <strap@gmx.de> |
|---|---|
| Date | 2011-12-17 16:32 +0000 |
| Message-ID | <9l3ugmFc2sU1@mid.individual.net> |
| In reply to | #75 |
mcanswer wrote: > Günther Schwarz <strap@gmx.de> writes: > >> Tobias Blass wrote: >> >>> On 2011-11-01, Günther Schwarz <strap@gmx.de> wrote: >>> the attacker could (root access provided) e.g. load a >>> kernel >>> module or install another kernel that does not check the write >>> protection switch. >> >> You understood that correctly. The device is supposed to survive in a >> clean state in case the systems gets compromised and thus allow for a >> fresh installation without having to insert a CD or doing a PXE boot. >> It should be better in this respect than an extra partition on the main >> hard disk. But still the security needs are moderate. > > You can always use some mandatory access control preventing attacker > from access to this device and/or from load kernel modules. The first > one could be done by SeLinux or RBAC, second one by for ex. GrSecurity These are all very useful in protecting a running system. But then my question was if a SD might be considered as reasonably safe in a scenario where an uncontrolled system an kernel are running. Just think of a bug or a misconfiguration in the BIOS setup which allows for booting from a CD or USB device instead from the hard disk. Günther
[toc] | [prev] | [standalone]
Back to top | Article view | comp.os.linux.security
csiph-web