Bug 646673
Summary: | Do not make all files executable on a removable media | ||||||
---|---|---|---|---|---|---|---|
Product: | [Fedora] Fedora | Reporter: | Vitaly <vtlkuzmichev> | ||||
Component: | udisks | Assignee: | David Zeuthen <davidz> | ||||
Status: | CLOSED WONTFIX | QA Contact: | Fedora Extras Quality Assurance <extras-qa> | ||||
Severity: | medium | Docs Contact: | |||||
Priority: | low | ||||||
Version: | 13 | CC: | davidz, dwysocha, mads, mclasen, simon | ||||
Target Milestone: | --- | ||||||
Target Release: | --- | ||||||
Hardware: | Unspecified | ||||||
OS: | Linux | ||||||
Whiteboard: | |||||||
Fixed In Version: | Doc Type: | Bug Fix | |||||
Doc Text: | Story Points: | --- | |||||
Clone Of: | Environment: | ||||||
Last Closed: | 2011-06-28 11:11:52 UTC | Type: | --- | ||||
Regression: | --- | Mount Type: | --- | ||||
Documentation: | --- | CRM: | |||||
Verified Versions: | Category: | --- | |||||
oVirt Team: | --- | RHEL 7.3 requirements from Atomic Host: | |||||
Cloudforms Team: | --- | Target Upstream Version: | |||||
Embargoed: | |||||||
Attachments: |
|
Description
Vitaly
2010-10-25 21:40:36 UTC
Hmm, was running into that issue, too. Looks like there have not been a new udisks release after 1.0.1 which is what we have in F13 and F14. Would be great to either include this patch or if we could get a new udisks release... Unfortunately it seems like this has been "fixed" in udisks 1.0.2 in F14 by using the "showexec" mount option by default. That is a regression for some usage scenarios. I think adding showexec is the worst possible solution to the problem. I think it is a bug in nautilus & friends that they are so willing to execute any executable file. The x bit indicates IMHO that the file might be executable, not that it has to be executed and not that it necessarily can be executed. I kind of agree that executing files from user-mounted devices should be disabled by default because of the security implications. But I find it very odd and wrong on a linux system to give windows executables the x bit. Windows executables are no more and no less secure than native sh/binary files, and we shouldn't care much about them. More important: People will soon figure out how to rename their (trojan) linux executables to .exe and thus re-introduce the security issue and render the showexec hack worthless. >I think it is a bug in nautilus & friends that they are so willing to execute any executable file. Whaaat? Why do you think that nautilus should not execute executable files? Nautilus does not decide to mark files as executable! This flag is reported from FS driver. So this is a bug in a utility that mounts vFAT with such weird options. >The x bit indicates IMHO that the file might be executable, not that it has to be executed and not that it necessarily can be executed. The x bit indicates to the system that the file is executable. It's user's feature. It allows user to tell the system that the file could be run. The system should NOT make guesses whether it will or won't be executed. The system should execute executable files when the user want this! This message is a reminder that Fedora 13 is nearing its end of life. Approximately 30 (thirty) days from now Fedora will stop maintaining and issuing updates for Fedora 13. It is Fedora's policy to close all bug reports from releases that are no longer maintained. At that time this bug will be closed as WONTFIX if it remains open with a Fedora 'version' of '13'. Package Maintainer: If you wish for this bug to remain open because you plan to fix it in a currently maintained version, simply change the 'version' to a later Fedora version prior to Fedora 13's end of life. Bug Reporter: Thank you for reporting this issue and we are sorry that we may not be able to fix it before Fedora 13 is end of life. If you would still like to see this bug fixed and are able to reproduce it against a later version of Fedora please change the 'version' of this bug to the applicable version. If you are unable to change the version, please add a comment here and someone will do it for you. Although we aim to fix as many bugs as possible during every release's lifetime, sometimes those efforts are overtaken by events. Often a more recent Fedora release includes newer upstream software that fixes bugs or makes them obsolete. The process we are following is described here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping Fedora 13 changed to end-of-life (EOL) status on 2011-06-25. Fedora 13 is no longer maintained, which means that it will not receive any further security or bug fix updates. As a result we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen this bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed. |