:: Re: [DNG] automount, mount, and USB…
Top Page
Delete this message
Reply to this message
Author: Jaromil
Date:  
To: dng
Subject: Re: [DNG] automount, mount, and USB sticks


On July 29, 2015 7:17:23 PM GMT+02:00, Steve Litt <slitt@???> wrote:
>On Wed, 29 Jul 2015 17:07:32 +0200
>tilt! <tilt@???> wrote:
>
>
>> I am certain there is a way of solving this "automounting
>> problem" (if I may call it that) cleanly, without the use
>> of either of them. :-)
>
>Yes, a daemon running as root could do it. And if the daemon does
>nothing but observe inotify and dmesg, perhaps check a fifo for devices
>to be mounted/unmounted (with complete cleansing of that fifo's
>information) and perform a mount command, I imagine we could get a
>handle on security.


*very* interesting thread
sorry for stating the obvious I guess that's why you are all here

IMHO the bigger barrier to this is not having
a string parsing code (or basic grammar)
that is security oriented, I mean hardened
to run as root and handle corner cases

I mean: what would you suggest using for the
"check a FIFO" bit you mention?
pcre? perhaps very clean simple code?
most code out there has too many features
and is too ambitions to fulfill such a simple task

said that: yes, I do watch my process list
and think that smaller is better.
I think I speak for most people here when I say we dislike
the quantity of undocumented daemons running
on on gnu/Linux desktop nowadays and
I hope we can trim that down with Devuan

how I do it now? hardcode every single binary
that sudo is aloud to execute, full path
and locations that are only root writable.
that's a sudoers feature...

ciao