[Bug 41624] Re: Replaying journals of other OS's filesystems, by mounting them, is unsafe

[Glenn Washburn]

** Merge proposal linked:
   https://code.launchpad.net/~crass/casper/+git/casper/+merge/453083

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to partman-basicfilesystems in
Ubuntu.
https://bugs.launchpad.net/bugs/41624

Title:
  Replaying journals of other OS's filesystems, by mounting them, is
  unsafe

Status in iso-scan package in Ubuntu:
  Triaged
Status in linux package in Ubuntu:
  Won't Fix
Status in lupin package in Ubuntu:
  Triaged
Status in partman-basicfilesystems package in Ubuntu:
  Fix Released
Status in os-prober package in Debian:
  Fix Released

Bug description:
  I have just done a clean install of recent dapper (20060426.1 live
  i386) on my main testbed machine.

  The automatic volume discovery system has not only found the
  filesystems from various of the other installations (which is not
  quite so bad) but has dug into my LVM system and found the fs for a
  frozen Xen image !

  This kind of thing can cause serious data loss.  Modern journalling
  filesystems go even more badly wrong than traditional fs's if they are
  accessed by two running systems in an interleaved fashion, which is
  what results if Dapper automatically finds and mounts these
  filesystems, replaying the journal, while a frozen (whether by a VM
  like Xen or by ordinary hibernation) image has them mounted.

  In the current setup I think it would be easy to cause disaster simply
  by installing dapper twice on the same machine and then continuously
  hibernating one while using the other.  More complex schemes are also
  possible.

  All of these filesystems discovered in this way should be made read-
  only unless it can be somehow known that it's safe to make them r/w.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/iso-scan/+bug/41624/+subscriptions