On Thu, 31 Jan 2019 11:06:24 +0100, Ludwig Nussel
Martin Wilck schrieb:
SUSE will blacklist a number of legacy and/or less frequently used file systems by default on SLES for security reasons.
The intention is clear and makes sense. However, according to the responses in this thread the user experience isn't exactly the best. Looks like manual mount request reply with "unknown file system" rather than "we know the file system but you need to sign the disclaimer first before you can use it".
👍
IOW can we achieve the same with different means? IIUC the main concern is someone plugging a USB stick with one of those unmaintained file systems on it. The system then autoloads the kernel module, crashes and whatnot. That behavior is triggered by the desktops and udisks2 right? Could those modules therefore be blacklisted at udisks2 level rather than preventing root from manually entering a mount command line?
+1 preferably with a hint like Mounting xyzfs is blocked due to security issues. If you *really* trust this device and want to mount it anyway, you need to load its driver yourself: "sudo modprobe xyzfs". We did warn you though.
cu Ludwig
-- H.Merijn Brand http://tux.nl Perl Monger http://amsterdam.pm.org/ using perl5.00307 .. 5.29 porting perl5 on HP-UX, AIX, and openSUSE http://mirrors.develooper.com/hpux/ http://www.test-smoke.org/ http://qa.perl.org http://www.goldmark.org/jeff/stupid-disclaimers/