[Pkg-utopia-maintainers] Bug#1041552: HFS/HFS+ are insecure
Marco d'Itri
md at linux.it
Wed Jan 10 18:39:21 GMT 2024
On Jan 10, Michael Biebl <biebl at debian.org> wrote:
> While we could ship such a udev rule for udisks, I don't think it will
> properly solve the issue. The device will still show up in nautilus, plasma
> etc and mounting is just an additional click away.
The threat model here is: somebody connects a crafted USB stick to
a computer with a locked screen.
Also, the listed file systems are not used or not used anymore on
removable devices.
Certainly not on removable devices used by regular users.
--
ciao,
Marco
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 228 bytes
Desc: not available
URL: <http://alioth-lists.debian.net/pipermail/pkg-utopia-maintainers/attachments/20240110/2c481098/attachment.sig>
More information about the Pkg-utopia-maintainers
mailing list