On 06/06/2017 11:52 PM, Adam Borowski wrote: >> As for "security hole", I'm not sure what exactly you have in mind there. >> I don't see any open CVEs or bugs tagged with security against gvfs. > I found a security hole in the vfat driver as an idiot kid ~20 years ago, > before I even started using Linux myself. That particular filesystem is > simplicistic enough to _possibly_ be exploitable bug free by now, but as a > btrfs@vger regular, I hear about enough unintentional corruption caused > failures that I see no way the filesystem could be secured against a > malicious image without an extreme effort that would also destroy > performance. And that's a maintained filesystem. We do, in our default > kernel, ship drivers for so many obscure filesystems no one has used for > years that I'm 100% certain you can find an arbitrary code execution bug > triggerable by just mounting such an untrusted USB stick.
On the other hand gvfs is not a kernel driver but a userspace filesystem and hence has a different threat surface. (Sure, there's still the possibility of arbitrary code execution from content on a network file system, but that's then shared with other GNOME applications using it.) Kind regards Philipp Kern
