Re: Coercing sane file permissions -- site specific
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
On Sun, Nov 20, 2016 at 12:19:49PM -0500, The Wanderer wrote:
> On 2016-11-20 at 11:46, Joe wrote:
>
> > On Sun, 20 Nov 2016 15:14:47 +0100 <tomas@tuxteam.de> wrote:
>
> >> Sorry I can't offer more details: I'm not "in" the intricacies of
> >> desktop environments. For me, they are too intricate and finicky,
> >> therefore I prefer to run without.
> >>
> >> I mount my media explicitly.
> >
> > So do I. If I don't want a USB stick mounted, I don't plug it in.
>
> That's not explicit; it's invoking the implicit mount which your system
> is configured to execute upon the device being connected.
Exactly. Perhaps I was too concise. With "explicit" I meant that I always
issue the mount command in a command line myself.
[a couple of good reasons elided]
> I imagine there may be other possibilities...
Yes: file system code is not well tested with malicious file systems.
There may be an exploit lurking there. If I don't trust the USB stick,
I don't mount it right away, but I might want to have a look at the
raw data (or perhaps mount it from a VM).
> > I don't want any applications or media to autorun, but I do want the
> > filesystems mounted.
>
> That's an entirely reasonable usage pattern, but it is not explicit
> mounting, and there are legitimate reasons why someone might want
> different behavior.
Agreed. The nice thing is that each one of us can have her/his own
way :-)
regards
- -- tomás
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iEYEARECAAYFAlgx4pUACgkQBcgs9XrR2kbR3wCcDFsQE/NzevtX24rhmRRx68SO
u+sAn1sd8r4VK2r9I0W2zggmKxqZRZqM
=NfNc
-----END PGP SIGNATURE-----
Reply to: