http://bugzilla.suse.com/show_bug.cgi?id=1089408
http://bugzilla.suse.com/show_bug.cgi?id=1089408#c18
Matthias Gerstner
Security team, could you please take a look at the potential security risk outlined in comment#5 and give an assessment?
Well this is a complex topic as you all already pointed out in the discussions. Basically I would say that plugging in an untrusted storage device is an issue to begin with. There are attack vectors on the kernel side of things or on the low file system side. So the files that appear in the file system are actually only one of the last (and most obvious) layers where security is concerned. Having all files mounted executable gives more room for undesired execution e.g. by mistyping a command line or simply double clicking in a file manager (which, again, depends on the file manager implementation, what actually is executed). We also have things like indexing programs that process e.g. images and produce thumbnails of them. So even without executable bits there is already attack surface. For me personally the question has always been whether it is of any use to have FAT files mounted executable. If they're foreign executables from e.g. a Windows system then I can't execute them directly anyways. If they're actual Linux binaries or scripts ... I personally would like to use a file system that supports basic UNIX permissions. Also for me it would be rather uncommon to execute programs from a removable device at all. But that is all a matter of personal style and use cases. Still I somehow have the feeling that the use case of wanting to execute something from a removable device is not something that happens often. Based on the observation that there are a lot of other security issues that hit when mounting an untrusted device I am somewhat inclined to follow the best usability / user experience in this case. Whatever that would be ;-) -- You are receiving this mail because: You are on the CC list for the bug.