Mailinglist Archive: opensuse-factory (608 mails)

< Previous Next >
Re: [opensuse-factory] [PLEASE SPEAK UP] Disabling legacy file systems by default?
On Thu, 31 Jan 2019 11:06:24 +0100, Ludwig Nussel <ludwig.nussel@xxxxxxx> wrote:

Martin Wilck schrieb:
SUSE will blacklist a number of legacy and/or less frequently used
file systems by default on SLES for security reasons.

The intention is clear and makes sense. However, according to the
responses in this thread the user experience isn't exactly the best.
Looks like manual mount request reply with "unknown file system"
rather than "we know the file system but you need to sign the
disclaimer first before you can use it".

👍

IOW can we achieve the same with different means? IIUC the main
concern is someone plugging a USB stick with one of those
unmaintained file systems on it. The system then autoloads the kernel
module, crashes and whatnot. That behavior is triggered by the
desktops and udisks2 right? Could those modules therefore be
blacklisted at udisks2 level rather than preventing root from
manually entering a mount command line?

+1

preferably with a hint like

Mounting xyzfs is blocked due to security issues. If you *really*
trust this device and want to mount it anyway, you need to load
its driver yourself: "sudo modprobe xyzfs". We did warn you though.

cu
Ludwig

--
H.Merijn Brand http://tux.nl Perl Monger http://amsterdam.pm.org/
using perl5.00307 .. 5.29 porting perl5 on HP-UX, AIX, and openSUSE
http://mirrors.develooper.com/hpux/ http://www.test-smoke.org/
http://qa.perl.org http://www.goldmark.org/jeff/stupid-disclaimers/
< Previous Next >