On Thu, 2004-09-09 at 15:07 -0400, Jeff Spaleta wrote: > On Thu, 09 Sep 2004 20:21:00 +0200, David Zeuthen <david@xxxxxxxx> wrote: > > I'm not sure I agree: if one cares about security one is using > > filesystems with uid/gid attributes anyway. That said, however, it might > > be useful to have a configuration file fstab-sync to explicitly specify > > don't add this or that drive. And in the longterm finetune the mount > > point names, e.g. using labels or whatnot. > > I think if someone wants to approach this from a locked down system > point of view, > you'd want to have a a policy of no devices allowed by default with > specific devices allowed via administrative control. As compared to a > policy of everything by default with a list of devices disallowed. > Though of course both approaches will have their uses. > Yeah, I'm thinking /etc/fstab-sync.conf would do this - still have to write the code but it shouldn't be too hard. I'm not sure what the default policy should be though - most people are happy about not having to go to the commandline to get access to their partitions and some people have more or less valid security concerns. My take is that the latter group is more capable of going and editing /etc/fstab-sync.conf that the former. But that is just my personal opinion. > I'm still poking at figuring out how to break hal in spectacular > ways... but are the files in > /usr/share/hal/fdi useful for creating locally defined policy of this sort? > Those files, hal device information files, or .fdi files, are meant to contain *facts* about certain devices, e.g. this device that looks like a mass storage device to the kernel is in fact really a mp3 player/ camera/whatever. So, yes Alan, they are really suitable to be shared between archs and used site-wide etc. David
