On 8 July 2014 22:33, lee <lee(a)yun.yagibdah.de> wrote:
Ian Malone <ibmalone(a)gmail.com> writes:
> By expecting users to mount attached devices with full-fat mount usage
> you open the potential for exploits.
How would that happen? A file system is either mounted or not, or is
it?
I think I wasn't clear enough. The user doesn't get to run mount
themselves. The system does it for them, in a well-defined place with
set permissions. If you're worried about security then what are the
actual risks?
- Worried about users copying data on or off. You need to disable auto
mounting, but you need to do a lot of other things too.
- Things getting mounted in dangerous places, e.g. over / or /bin or a
user's home directory. Doesn't happen.
- Things being mounted executable. I've just checked and the default
options I get for FAT are showexec, but this could probably be changed
to prevent it, certainly it gives you a single point the admin could
potentially change it. But files are owned by the user, so setuid
tricks are out.
As for KIO, GVFS, sometimes the thing really *isn't* mounted, my
camera for instance doesn't get a mount point. The file explorer talks
to the camera directly (PTP I think in this case).
--
imalone
http://ibmalone.blogspot.co.uk