|
|
Subscribe / Log in / New account

Firefox gets closed-source DRM

Firefox gets closed-source DRM

Posted May 16, 2014 16:23 UTC (Fri) by raven667 (subscriber, #5198)
In reply to: Firefox gets closed-source DRM by dlang
Parent article: Firefox gets closed-source DRM

I don't understand, if you create a removable filesystem and set a bunch of permissions, extended attributes, access control lists or whatever then your filesystems is going to have a bunch of permissions, extended attributes and access control lists preventing access to things...what else would you expect? If you move that filesystem to a different machine those user IDs and permissions might be totally inappropriate. This is why often removable media uses a filesystem like FAT which doesn't have permissions, to sidestep this issue entirely, or use mount options like context= and try not to set permissions that don't make sense.

to post comments

Firefox gets closed-source DRM

Posted May 16, 2014 18:27 UTC (Fri) by dlang (guest, #313) [Link] (3 responses)

I think the issue here is that SELinux doesn't play well with untagged files. It really wants you to tag them (thus the original poster's comment about the "right" answer being to tag all the files)

but that doesn't play well if you want to use the same removable media with multiple systems.

So the answer "disable SELinux" is reasonable, because this is a case that SELinux just doesn't handle well (if I'm wrong about this, please educate me)

Firefox gets closed-source DRM

Posted May 16, 2014 19:05 UTC (Fri) by mathstuf (subscriber, #69389) [Link] (2 responses)

Setting it to permissive mode should be enough.

And really, SELinux needs to handle filesystems without xattr support, so maybe it should treat all removable media as not supporting xattr.

Firefox gets closed-source DRM

Posted May 16, 2014 19:11 UTC (Fri) by raven667 (subscriber, #5198) [Link] (1 responses)

I mentioned the context mount option in my earlier message which seems to have been created for this purpose, a quote from the manpage for mount(8)

Quote:

"A commonly used option for removable media is context="system_u:object_r:removable_t"."

"Even where xattrs are supported, you can save time not having to label every file by assigning the entire disk one security context."

Firefox gets closed-source DRM

Posted May 16, 2014 19:13 UTC (Fri) by mathstuf (subscriber, #69389) [Link]

Ah, thanks. Does udisks set this option?

/me adds to autofs scripts.


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds