Are ext2/3/4 USB Drives a critical threat to a Linux System?

I found this discussion here where those people seemed to decide weather ext filesystems should support the masquerading of the uid/gid similar to how a vfat/ntfs filesystems work when they are mounted on a Linux system. During that discussion, they seemed to decide that idea didn't have enough grounds.

My question is: Could an attacker place a setuid binary on an ext formatted USB Drive, insert it on another Linux system, run the binary (as an unprivileged user) and gain root access on that machine?

This seems like a trivial security exploit, and that patch would have allowed for a fix. Or am I missing something?

6 Sorted by: Reset to default

Know someone who can answer? Share a link to this question via email, Twitter, or Facebook.

Your Answer

Sign up or log in

Sign up using Google Sign up using Facebook Sign up using Email and Password Submit

Post as a guest

Post Your Answer Discard

By clicking “Post Your Answer”, you agree to our terms of service, privacy policy and cookie policy