
Re: Automatic downloading of non-free software by stuff in main

On Thu, Dec 07, 2017 at 01:33:41AM +0000, Ben Hutchings wrote:
> On Wed, 2017-12-06 at 19:14 -0500, Michael Stone wrote:
> > On Thu, Dec 07, 2017 at 12:09:22AM +0000, Ben Hutchings wrote:
> > > That's only because it lives in mm/shmem.c, not under fs/.  It does
> > > support xattrs.
> > 
> > Have you tried it?
> Ah, damnit.  It supports *some* xattrs (like the security namespace),
> but apparently not *user* xattrs.

Good.  While xattrs have some uses, this is a hidden privacy hole most users
aren't aware of (although /tmp/ is the filesystem least likely to be used
forensically against you).

Looks like the only filesystems that allow disabling it via a mount option
(nouser_xattr) are ext* and reiserfs, some more can do it via recompiling
the kernel although this kills all xattrs, not just the user: namespace;
most of these config options say "If unsure, say N." (other than CIFS, which
is also the filesystem where your files are most likely to be readable by
others) -- but they're all enabled in Debian kernels.

[~]$ task add "patch btrfs for mount -o nouser_xattr"

⢀⣴⠾⠻⢶⣦⠀ 14:13 < icenowy[m]> are they hot enough? ;-)
⣾⠁⢰⠒⠀⣿⡁ 14:17 < icenowy[m]> I think now in Europe it should be winter? Let
⢿⡄⠘⠷⠚⠋⠀                     the BPi warm you ;-)
⠈⠳⣄⠀⠀⠀⠀ 14:17 <@KotCzarny> yeah, i have a pc to warm me ;)
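
An added example, not part of the original message: a small audit of `/proc/mounts`-format text that applies the message's statement that only ext* and reiserfs accept the `nouser_xattr` mount option. The sample mount table is constructed, and treating a mount as having user xattrs disabled only when `nouser_xattr` appears in its option list is an assumption.

```python
import re
import sys

# Filesystems the message names as accepting "-o nouser_xattr".
MOUNT_OPTION_FS = {"ext2", "ext3", "ext4", "reiserfs"}

# Constructed sample in /proc/mounts format (not taken from a real host).
SAMPLE_MOUNTS = r"""
/dev/sda1 / ext4 rw,relatime,errors=remount-ro 0 0
/dev/sda2 /home ext4 rw,nosuid,nouser_xattr 0 0
/dev/sdb1 /srv btrfs rw,relatime,space_cache 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
/dev/sdc1 /mnt/my\040disk reiserfs rw,user_xattr 0 0
"""


def unescape(field):
    # /proc/mounts encodes space, tab, newline and backslash as \ooo octal.
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def audit_mounts(text):
    """Return {mountpoint: status} for /proc/mounts-format text.

    disabled        - nouser_xattr is set on a filesystem that honours it
    can-disable     - filesystem honours nouser_xattr but it is not set
    no-mount-option - filesystem is not in the message's ext*/reiserfs list
    """
    report = {}
    for line in text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        mountpoint, fstype = unescape(fields[1]), fields[2]
        options = set(fields[3].split(","))
        if fstype not in MOUNT_OPTION_FS:
            status = "no-mount-option"
        elif "nouser_xattr" in options:
            status = "disabled"
        else:
            status = "can-disable"
        report[mountpoint] = status
    return report


if __name__ == "__main__":
    # Pass /proc/mounts as the argument on a live system; default is the sample.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_MOUNTS
    for mountpoint, status in audit_mounts(text).items():
        print(f"{status:16} {mountpoint}")
```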
