Comment by djha-skin
3 days ago
TrueNAS is on FreeBSD, as well as lots of network equipment. This does affect us more than we think as operators.
I would think that pure-storage NAS or network equipment was effectively completely immune to local privilege escalation. I'll give you the NAS where it might be running untrusted containers or such, but that's it.
> This does affect us more than we think as operators.
I hope this is true but as other comments have suggested, Juniper and TrueNAS are moving or no longer on FreeBSD.
I am now wondering if Netflix may one day give up FreeBSD for their cache server as well.
TrueNAS was, but they now use Linux as the main distribution.
Alas, TrueNAS actually switched to Linux a couple of years ago.
FreeBSD was the reason I chose TrueNAS Core. Unfortunately, you are right, TrueNAS Scale (Linux) is where they are focusing all their attention. At this point I will not purchase additional TrueNAS equipment as I feel I was "rug pulled." I get that they are going after more of the Docker container/app market, but I just want a solid ZFS w/excellent networking NAS device. Linux is close to this ideal, but it isn't as "Set and Forget" as FreeBSD (IMO).
> solid ZFS w/excellent networking NAS device.
illumos distros might be a good alternative. I have OmniOS[0] as a filer and SmartOS[1] running hypervisor duties on zones and bhyve.
[0] https://omnios.org
[1] https://docs.smartos.org
You usually don't really interact with the OS underneath at all so I don't think it makes much of a difference unless you are very fond of Jails.
I mean that is the whole point of a NAS OS. It gives you a GUI and you don't have to worry about the rest.
Juniper JunOS is based on FreeBSD IIRC.
They've been moving their NOSes to a Linux-based platform.
It really is a tragedy how everything is being monoculturized to Linux.
Possibly PlayStation as well.
PlayStation 4 was a fork of FreeBSD 9, and is immune to this bug introduced in 14. Sony also changes a LOT, I'm not sure anything dealing with unix credentials even exists in this fork. It's not clear how much FreeBSD is even used in PlayStation 5 (2020), but it would be based off 12 or earlier (also immune to this bug from 14) (13 was released in 2021).
What about PlayStation 3?
Whilst all are "soft-moddable" via HEN, a large number of the Slim and Superslims are not compatible with full custom firmware. Recently a hardware-based exploit, 'badWDSD', was released which allows CFW, although even still a small number of Superslims are not compatible.
Also Netgate's devices running pfSense.
And OPNsense boxes