diff options
author | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-21 04:59:33 +0000 |
---|---|---|
committer | Daniel Baumann <daniel.baumann@progress-linux.org> | 2024-05-21 04:59:33 +0000 |
commit | 73193347133e750faf27f88fd3ab31ce43aff062 (patch) | |
tree | e28a6d9512d1787b1fcbe9167188c9d134bf51d9 /scrub/ext4.rules.in | |
parent | Adding upstream version 1.47.0. (diff) | |
download | e2fsprogs-73193347133e750faf27f88fd3ab31ce43aff062.tar.xz e2fsprogs-73193347133e750faf27f88fd3ab31ce43aff062.zip |
Adding upstream version 1.47.1.upstream/1.47.1upstream
Signed-off-by: Daniel Baumann <daniel.baumann@progress-linux.org>
Diffstat (limited to 'scrub/ext4.rules.in')
-rw-r--r-- | scrub/ext4.rules.in | 13 |
1 files changed, 13 insertions, 0 deletions
diff --git a/scrub/ext4.rules.in b/scrub/ext4.rules.in new file mode 100644 index 0000000..6fe5a7a --- /dev/null +++ b/scrub/ext4.rules.in @@ -0,0 +1,13 @@ +# SPDX-License-Identifier: GPL-2.0-or-later +# +# Copyright (C) 2023 Oracle. All rights reserved. +# Author: Darrick J. Wong <djwong@kernel.org> +# +# Don't let udisks automount ext4 filesystems without even asking a user. +# This doesn't eliminate filesystems as an attack surface; it only prevents +# evil maid attacks when all sessions are locked. +# +# According to http://storaged.org/doc/udisks2-api/latest/udisks.8.html, +# supplying UDISKS_AUTO=0 here changes the HintAuto property of the block +# device abstraction to mean "do not automatically start" (e.g. mount). +SUBSYSTEM=="block", ENV{ID_FS_TYPE}=="ext2|ext3|ext4|ext4dev|jbd", ENV{UDISKS_AUTO}="0" |