On 8 July 2014 01:15, lee <lee@xxxxxxxxxxxxxxx> wrote: > Tim <ignored_mailbox@xxxxxxxxxxxx> writes: > >> Allegedly, on or about 06 July 2014, lee sent: >>> Why would anyone but root be allowed to mount something? >> >> Because *I* put a CD, DVD, USB drive, into *my* computer, logged in as >> *myself*... > > That doesn't mean that you should be allowed to mount it when you're not > root. And your computer doesn't know /who/ added some media, does it. > >> If I have to be root, or gain root privileges, to do such a basic >> requirement, these days, then security is being busted by either knowing >> the root password, or being allowed to use my own password for such a >> hazardous thing. > > Security is more likely to be busted by users carelessly mounting file > systems than it is by users knowing the passwords for their computers, > unless busted intentionally. > > > Anyway, I wonder why the OP doesn't just mount the camera as usual. It > seemed to be mountable. > All true. But we live in a world where attaching cameras and other devices to computers to get files off them is a very common task. That should be no more of a security concern than being able to get those same files from the internet. The solution is a controlled way of mounting attached devices, which if I understand correctly is what /run/media is about, also things like KIO, GVFS. By expecting users to mount attached devices with full-fat mount usage you open the potential for exploits. -- imalone http://ibmalone.blogspot.co.uk -- users mailing list users@xxxxxxxxxxxxxxxxxxxxxxx To unsubscribe or change subscription options: https://admin.fedoraproject.org/mailman/listinfo/users Fedora Code of Conduct: http://fedoraproject.org/code-of-conduct Guidelines: http://fedoraproject.org/wiki/Mailing_list_guidelines Have a question? Ask away: http://ask.fedoraproject.org
