Mailinglist Archive: opensuse-factory (602 mails)

< Previous Next >
Re: [opensuse-factory] Re: Disabling legacy file systems by default?
  • From: "Carlos E. R." <robin.listas@xxxxxxxxxxxxxx>
  • Date: Tue, 12 Feb 2019 01:26:47 +0100 (CET)
  • Message-id: <alpine.LSU.2.21.1902120116570.4506@Legolas.valinor>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1



El 2019-02-11 a las 16:13 -0800, L.A. Walsh escribió:

On 1/30/2019 8:41 AM, Martin Wilck wrote:
SUSE will blacklist a number of legacy and/or less frequently used
file systems by default on SLES for security reasons.

Why blacklist?

Why just not "not build" them in suse distros?

If a user wants to build them they'll get past blacklisting
too, but what's the point of building blacklisted drivers?

Well, it impedes mounting by accident such a filesystem, for examply by a plain user inserting an usb stick. If that vulnerable filesystem is really vulnerable and can be used to attack the system, well, thats a serious vulenrability.

With blacklisting such a filesystem can only be mounted if root wants, for which he needs reading a bit.

Another step is creating an article in our wiki that google finds when searching for the error message. Or that the error message gives a link or some thing to RTFM.

- -- Cheers
Carlos E. R.

(from openSUSE 15.0 (Legolas))

-----BEGIN PGP SIGNATURE-----

iHoEARECADoWIQQZEb51mJKK1KpcU/W1MxgcbY1H1QUCXGISxxwccm9iaW4ubGlz
dGFzQHRlbGVmb25pY2EubmV0AAoJELUzGBxtjUfV4BoAoIF2TMbI8/vj0E0bzxEw
bH178gTNAJ91ci/Oxe8mVZlT1+cNXkNKKgu2mw==
=WfoA
-----END PGP SIGNATURE-----
< Previous Next >
Follow Ups
References