Bug 387528 - Use safer defaults for mounting external drives
Summary: Use safer defaults for mounting external drives
Status: RESOLVED UPSTREAM
Alias: None
Product: frameworks-solid
Classification: Frameworks and Libraries
Component: general (other bugs)
Version First Reported In: unspecified
Platform: Other Linux
: NOR major
Target Milestone: ---
Assignee: Lukáš Tinkl
URL:
Keywords:
Depends on:
Blocks:
 
Reported: 2017-12-02 14:18 UTC by Ongun Kanat
Modified: 2019-04-09 14:17 UTC (History)
4 users (show)

See Also:
Latest Commit:
Version Fixed/Implemented In:
Sentry Crash Report:

Attachments
Add an attachment

Note You need to log in before you can comment on or make changes to this bug.
Description Ongun Kanat 2017-12-02 14:18:27 UTC 
It looks like Solid uses udisks2 default mount options which mounts external NTFS drives with 777 permissions. Exec permission is rarely needed for NTFS drives and might be dangerous for users. External USB drives a constantly used attack vector against incautious users.

Since udisks2 doesn't allow its hardcoded default permissions to be changed via a config file implementing it in Solid might be a good way to achieve a safer default.
Comment 1 Nate Graham 2019-03-02 13:39:47 UTC 
Would be worth reporting this upstream to the folks behind udisks2 as well. Could you do that?
Comment 2 Ongun Kanat 2019-03-18 21:30:54 UTC 
Done: https://github.com/storaged-project/udisks/issues/644
Comment 3 Nate Graham 2019-03-18 22:55:08 UTC 
Thanks!