Camera mounting

[lee]

Ian Malone <ibmalone at gmail.com> writes:

> On 8 July 2014 22:33, lee <lee at yun.yagibdah.de> wrote:
>> Ian Malone <ibmalone at gmail.com> writes:
>>
>>> By expecting users to mount attached devices with full-fat mount usage
>>> you open the potential for exploits.
>>
>> How would that happen?  A file system is either mounted or not, or is
>> it?
>
> I think I wasn't clear enough. The user doesn't get to run mount
> themselves. The system does it for them, in a well-defined place with
> set permissions.

Neither the system, nor the user should mount something.  Only root
should do that, knowing what they're doing.

> If you're worried about security then what are the
> actual risks?
> - Worried about users copying data on or off. You need to disable auto
> mounting, but you need to do a lot of other things too.

When there is no auto mounting, that's one less thing you'd have to
disable.

> - Things getting mounted in dangerous places, e.g. over / or /bin or a
> user's home directory. Doesn't happen.

You trust computers too much.

> - Things being mounted executable. I've just checked and the default
> options I get for FAT are showexec, but this could probably be changed
> to prevent it, certainly it gives you a single point the admin could
> potentially change it. But files are owned by the user, so setuid
> tricks are out.

The users can always copy things from things mounted and make them
executable.  Or they can write their own programs, without mounting
anything.  When the system mounts things itself, who knows what it might
execute.


-- 
Fedora release 20 (Heisenbug)