On 31/01/2019 22.52, Jeff Mahoney wrote:
On 1/31/19 4:38 PM, Carlos E. R. wrote:
On 31/01/2019 22.26, Michael Ströder wrote:
On 1/31/19 10:05 PM, Carlos E. R. wrote:
I'm not saying to keep the drivers. Did I? I only say that the users that need one of those filesystems in the future will be surprised and not know what to do.
But users will also be "suprised" when putting in a rogue USB stick which hits a security bug in an unmaintained file system driver.
True.
It's just a matter of weighing one against the other.
Personally I have a strong preference to mitigate attack vectors.
I agree.
I only wonder if there is something that could be done to tell users what is happening at the moment it happens to them.
When they're attacked or when the module fails to load?
When it fails to load, somehow point to somewhere to read what is going on, why it was disabled, how to enable at his own risk, etc :-) I'm not saying to enable to keep them enabled. Just wondering if it is possible to inform users of the situation when they are surprised by not being able to mount one of them. If it is not possible, well, it is not possible. Maybe a message on syslog from kernel when module is loaded to tell it is risky, please read "/path/file"? Maybe a message by mount command? I don't know. -- Cheers / Saludos, Carlos E. R. (from 15.0 x86_64 at Telcontar)