[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Bug#788634: debian-installer: Accepting a preseed URL from DHCP allows attacker to hijack installation

Geert Stappers <stappers@stappers.nl> (2015-06-13):
> On Sat, Jun 13, 2015 at 04:32:04PM +0100, Aliz Hammond wrote:
> >
> > Due to this, an attacker on the local network can spoof a DHCP responce
> > pointing to their own preseed file, which can do all sorts of mischief
> > (such as adding users or executing commands).
> So the actual problem is that the local network is compromised.
> > I'm not sure of the best way to mitigate this, without annoying people
> > who use this feature. Perhaps a kernel commandline arg to specifically
> > enable preseed via DHCP is a good idea?
> A good idea is getting the local network
> to a state where it can be trusted to use DHCP at all.
> Groeten
> Geert Stappers
> Who considered
> control: tag -1 wontfix

I don't think handwaving and tagging wontfix is the right play here.


Attachment: signature.asc
Description: Digital signature

Reply to: