> afaik if I would remove the lines that contains "FUSE" and "fuse" from > /sys/conf/GENERIC and re-compile the kernel, that would mean, there will be > no more FUSE support in my kernel after reboot. > > If so, would this step help to make my system more secure? Ex.: from a future > FUSE related security issue? > > just asking theoretically, since I don't use FUSE related stuff, so thinking > of that is unneeded. > > or it would just create an unsupported kernel which didn't had any tests > regarding the missing fuse and maybe cause bigger issues and security issues > vs. if I wouldn't touched it?
I daresay that removing FUSE support will make you invulnerable to any kind of bug in FUSE. jca has already given you an outline of the reasons to believe such a bug, if it exists, is rather unlikely to be exploitable. You had better consider what you're giving up when you make this change. You won't be able to use FUSE. You won't be able to use syspatch. I'm not sure how it affects kernel relinking. You'll have to build your kernels yourself on all architectures you run for each release and every kernel-related erratum. You'll have to maintain your changes. You can't just say "I'm not sure" as I just did. You'll have to take responsibility for the possibility that running a non-standard configuration may introduce bugs. And what are you defending against? Somebody has to get root or a way to mount filesystems without root. We'll assume he's got a way to mount filesystems without root, because if he had a way to get root, he wouldn't need bother with anything else. Then he's got to have his FUSE exploit which gives him root. Since he probably doesn't have an account on your system, he's got to have a third exploit to start running code to begin with. Defense in depth is good, but this isn't worth the effort on your part. Your security need only be good enough to require an attacker spend more than he's willing to spend. Martin
