[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Coercing sane file permissions -- site specific

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On Sun, Nov 20, 2016 at 12:19:49PM -0500, The Wanderer wrote:
> On 2016-11-20 at 11:46, Joe wrote:
> 
> > On Sun, 20 Nov 2016 15:14:47 +0100 <tomas@tuxteam.de> wrote:
> 
> >> Sorry I can't offer more details: I'm not "in" the intricacies of
> >> desktop environments. For me, they are too intricate and finicky,
> >> therefore I prefer to run without.
> >> 
> >> I mount my media explicitly.
> > 
> > So do I. If I don't want a USB stick mounted, I don't plug it in.
> 
> That's not explicit; it's invoking the implicit mount which your system
> is configured to execute upon the device being connected.

Exactly. Perhaps I was too concise. With "explicit" I meant that I always
issue the mount command in a command line myself.

[a couple of good reasons elided]

> I imagine there may be other possibilities...

Yes: file system code is not well tested with malicious file systems.
There may be an exploit lurking there. If I don't trust the USB stick,
I don't mount it right away, but I might want to have a look at the
raw data (or perhaps mount it from a VM).

> > I don't want any applications or media to autorun, but I do want the
> > filesystems mounted.
> 
> That's an entirely reasonable usage pattern, but it is not explicit
> mounting, and there are legitimate reasons why someone might want
> different behavior.

Agreed. The nice thing is that each one of us can have her/his own
way :-)

regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)

iEYEARECAAYFAlgx4pUACgkQBcgs9XrR2kbR3wCcDFsQE/NzevtX24rhmRRx68SO
u+sAn1sd8r4VK2r9I0W2zggmKxqZRZqM
=NfNc
-----END PGP SIGNATURE-----
Reply to: