Bug 387528

Summary: Use safer defaults for mounting external drives
Product: [Frameworks and Libraries] frameworks-solid Reporter: Ongun Kanat <ongun.kanat>
Component: generalAssignee: Lukáš Tinkl <lukas>
Status: RESOLVED UPSTREAM    
Severity: major CC: kde, kdelibs-bugs-null, nate, ongun.kanat
Priority: NOR    
Version First Reported In: unspecified   
Target Milestone: ---   
Platform: Other   
OS: Linux   
Latest Commit: Version Fixed/Implemented In:
Sentry Crash Report:

Description Ongun Kanat 2017-12-02 14:18:27 UTC 
It looks like Solid uses udisks2 default mount options which mounts external NTFS drives with 777 permissions. Exec permission is rarely needed for NTFS drives and might be dangerous for users. External USB drives a constantly used attack vector against incautious users.

Since udisks2 doesn't allow its hardcoded default permissions to be changed via a config file implementing it in Solid might be a good way to achieve a safer default.
Comment 1 Nate Graham 2019-03-02 13:39:47 UTC 
Would be worth reporting this upstream to the folks behind udisks2 as well. Could you do that?
Comment 2 Ongun Kanat 2019-03-18 21:30:54 UTC 
Done: https://github.com/storaged-project/udisks/issues/644
Comment 3 Nate Graham 2019-03-18 22:55:08 UTC 
Thanks!