There was an extensive discussion on debian-devel. Not all of that is
captured in this bug report, so I'm posting a reference to the discussion
https://lists.debian.org/debian-devel/2023/07/msg00242.html
OpenPGP_signature.asc
Description: OpenPGP digital signature
On Mar 13, Michael Biebl wrote:
> > So I propose this content for a file like
> > /usr/lib/udev/rules.d/75-insecure-fs.rules:
> Just curious: Why did you pick priority 75?
I can't remember.
--
ciao,
Marco
signature.asc
Description: PGP signature
Hi Marco
On Sun, 27 Aug 2023 02:34:04 +0200 Marco d'Itri wrote:
Control: reassign -1 udisks2
Control: retitle -1 do not mount automatically unmaintained file systems
On Jul 20, md wrote:
> You are totally correct.
> Kernel team, please blacklist HFS/HFS+ for automounting.
As discussed on debi
I think the idea that HFS+ is not used on removable device is a bit of a
fallacy. I, myself, use this frequently on removable hard drives when moving
large data sets back and forth from my Mac. The Mac doesn't easily read ext
filesystems, but Linux can read HFS, and the various Microsoft files
On Jan 10, Michael Biebl wrote:
> While we could ship such a udev rule for udisks, I don't think it will
> properly solve the issue. The device will still show up in nautilus, plasma
> etc and mounting is just an additional click away.
The threat model here is: somebody connects a crafted USB sti
On Sun, 27 Aug 2023 02:34:04 +0200 Marco d'Itri wrote:
So I propose this content for a file like
/usr/lib/udev/rules.d/75-insecure-fs.rules:
While we could ship such a udev rule for udisks, I don't think it will
properly solve the issue. The device will still show up in nautilus,
plasma etc
On Sun, 27 Aug 2023 02:34:04 +0200 Marco d'Itri wrote:
Control: reassign -1 udisks2
Control: retitle -1 do not mount automatically unmaintained file systems
On Jul 20, md wrote:
> You are totally correct.
> Kernel team, please blacklist HFS/HFS+ for automounting.
As discussed on debian-devel@,
On Sunday, 27 August 2023 12:39:11 CEST Marco d'Itri wrote:
> > Previously not knowing about that status, I looked up the commits where
> > the
> > status was set to "odd fixes" and found that for some the reason was that
> > the maintainer didn't have the hardware to test it themselves.
> > I do n
On Aug 27, Diederik de Haas wrote:
> While I agree that "orphan" does mean that it is NOT actively maintained,
> AFAICT the situation is a bit more blurry for "odd fixes".
All these file systems are either rare enough and/or not used on
removable media, so I do not believe that it is unreasonab
On Sunday, 27 August 2023 02:34:04 CEST Marco d'Itri wrote:
> So I propose this content for a file like
> /usr/lib/udev/rules.d/75-insecure-fs.rules:
>
> # Do not automatically mount these file systems because their drivers are
> # marked as "orphan" or "odd fixes" in the kernel MAINTAINERS file a
Control: reassign -1 udisks2
Control: retitle -1 do not mount automatically unmaintained file systems
On Jul 20, md wrote:
> You are totally correct.
> Kernel team, please blacklist HFS/HFS+ for automounting.
As discussed on debian-devel@, this policy should not be handled by the
kernel because
On Fri, 2023-07-21 at 18:35 +0100, Matthew Garrett wrote:
> On Fri, Jul 21, 2023 at 10:55:39AM +0200, Marco d'Itri wrote:
>
> > Unless somebody has a better idea then then my plan is to ship in the
> > next upload of kmod a file in /etc/modprobe.d/ which uses the blacklist
> > directive to preve
On Fri, Jul 21, 2023 at 10:55:39AM +0200, Marco d'Itri wrote:
> Unless somebody has a better idea then then my plan is to ship in the
> next upload of kmod a file in /etc/modprobe.d/ which uses the blacklist
> directive to prevent automatically loading some file system modules.
I think this wou
Le vendredi 21 juillet 2023, 10:52:17 UTC Bastien Roucariès a écrit :
> Le vendredi 21 juillet 2023, 08:55:39 UTC Marco d'Itri a écrit :
> > efs
> https://pypi.org/project/qnxmount/ claim to mount it. Check
> > hfs
> https://github.com/0x09/hfsfuse
Corrected not supported by this package may be emu
Le vendredi 21 juillet 2023, 08:55:39 UTC Marco d'Itri a écrit :
> efs
https://pypi.org/project/qnxmount/ claim to mount it. Check
> hfs
https://github.com/0x09/hfsfuse
> hfaplus
https://github.com/0x09/hfsfuse
> qnx6
Fuse ro filesystem https://pypi.org/project/qnxmount/ better support then
kernel
Hi Marco, hi,
Marco d'Itri - 21.07.23, 10:55:39 CEST:
> On Jul 21, Matthew Garrett wrote:
> > > You are totally correct.
> > > Kernel team, please blacklist HFS/HFS+ for automounting.
> >
> > Isn't this a userland policy decision? udisks will happily trigger a
> > module load for hfsplus if udev
Looks reasonable.
Le vendredi 21 juillet 2023 à 10:55 +0200, Marco d'Itri a écrit :
> On Jul 21, Matthew Garrett wrote:
>
> > > You are totally correct.
> > > Kernel team, please blacklist HFS/HFS+ for automounting.
> >
> > Isn't this a userland policy decision? udisks will happily trigger
> >
On Jul 21, Matthew Garrett wrote:
> > You are totally correct.
> > Kernel team, please blacklist HFS/HFS+ for automounting.
> Isn't this a userland policy decision? udisks will happily trigger a
> module load for hfsplus if udev has identified it, and I don't think
> there's a trivial mechanism
18 matches
Mail list logo
