Re: How to secure access to SD cards a la USBGuard?
On Sun 05 Dec 2021 at 14:11:25 (+0100), hdv@gmail wrote:
> On 2021-12-05 13:33, Andrei POPESCU wrote:
> > On Vi, 12 nov 21, 12:27:59, Stefan Monnier wrote:
> > >
> > > As mentioned, the way to control it will depend on the specific tool
> > > used to mount. E.g. if it's mounted by hand via a rule in /etc/fstab,
> > > then you can rules that specify the device via /etc/disk/by-uuid.
> > >
> > > Do note that partition UUIDs are not designed to be reliable w.r.t
> > > malicious uses (it's easy to create a partition with the same UUID as
> > > some other).
> >
> > /dev/disk/by-id/ should be device specific.
>
> Shoot, I had forgotten about WWNs at all! Yep, those should be good
> enough for my purposes.
I make a habit of archiving the udevadm info, or /run/udev/data/b8:NN
files, for all my disks, sticks and cards. I can't find any WWNs that
are not on either spinning drives or my (sole) SSD. Even my oldest
hard drive (early-2007) lacks one. So I'm interested to know how/where
you read them from on SD cards. Is this a new thing with SDXC/SDUC?
I use LABELs and "UUIDs" (Serial Numbers) to identify mine. LABELs are
most use; for example, I have a Nokia phone that writes a new Serial
Number on any µSD card that's inserted. I have no idea why.
It's obviously only useful in a cooperative environment.
Cheers,
David.
Reply to: