[Pkg-utopia-maintainers] Bug#1041552: HFS/HFS+ are insecure
rhys
rhys at neoquasar.org
Wed Jan 10 19:00:57 GMT 2024
I think the idea that HFS+ is not used on removable device is a bit of a fallacy. I, myself, use this frequently on removable hard drives when moving large data sets back and forth from my Mac. The Mac doesn't easily read ext filesystems, but Linux can read HFS, and the various Microsoft filesystems lose too much metadata.
--J
> On Jan 10, 2024, at 12:39, Marco d'Itri <md at linux.it> wrote:
>
> On Jan 10, Michael Biebl <biebl at debian.org> wrote:
>
>> While we could ship such a udev rule for udisks, I don't think it will
>> properly solve the issue. The device will still show up in nautilus, plasma
>> etc and mounting is just an additional click away.
> The threat model here is: somebody connects a crafted USB stick to
> a computer with a locked screen.
>
> Also, the listed file systems are not used or not used anymore on
> removable devices.
> Certainly not on removable devices used by regular users.
>
> --
> ciao,
> Marco
More information about the Pkg-utopia-maintainers
mailing list