
disable removable drives auto-mounting - XFCE only
Needs Review, Normal, Public

Description

Maybe there is no auto mounting by default anyhow.

Details

Impact
Normal

Event Timeline

Patrick created this task. Apr 23 2019, 12:24 PM
Patrick triaged this task as Normal priority.

Automounting can be configured in /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar-volman.conf

The property "automount-media" should have the value "false".

It looks like these are disabled by default in Whonix. I've only tested this from the CLI version and installed xfce manually. The ordinary xfce version may be different.

Patrick changed the task status from Open to Review. Thu, May 9, 3:31 AM
Patrick assigned this task to madaidan.

Debian buster package thunar-volman (thunar-volman-0.9.1) contains a file debian/thunar-volman.xml

File debian/install contains:

debian/thunar-volman.xml /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/

dpkg -S /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar-volman.xml

thunar-volman: /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar-volman.xml

<?xml version="1.0" encoding="UTF-8"?>

<channel name="thunar-volman" version="1.0">
  <property name="automount-media" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
  <property name="automount-drives" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
  <property name="autobrowse" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
  <property name="autoopen" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
</channel>

FYI: There is file /etc/skel/.config/xfce4/xfconf/xfce-perchannel-xml/thunar.xml as part of security-misc package.

See also:
https://forums.whonix.org/t/whonix-xfce-development/6213/83


thunar-volman has a ton of auto something features. It may or may not be the case that these are enabled by default. I enabled them all manually to make the point.

cat xfconf/xfce-perchannel-xml/thunar-volman.xml
<?xml version="1.0" encoding="UTF-8"?>

<channel name="thunar-volman" version="1.0">
  <property name="automount-media" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="automount-drives" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autobrowse" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autoopen" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autorun" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autoburn" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
  <property name="autoplay-audio-cds" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autoplay-video-cds" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autoipod" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autophoto" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autoprinter" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autokeyboard" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="automouse" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autotablet" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
</channel>

Can you see from thunar-volman source code where defaults are configured? Would be good to watch for future versions.


I think by disabling thunar-volman in thunar settings, we automatically get rid of any thunar-volman auto mounting. Done that. (Following commit not yet tested.) Good to have as safeguard.

https://github.com/Whonix/security-misc/commit/b00a264ce27c48584879d85275a3fa3f19030906

What do you think?

> Can you see from thunar-volman source code where defaults are configured? Would be good to watch for future versions.

debian/thunar-volman.xml has all the default settings for auto-mounting if that's what you mean.

> What do you think?

All the auto stuff should probably be disabled. Disabling volman altogether should disable these anyway but it'd be good to disable individual settings just in case.

Maybe add /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar-volman.conf to security-misc with all the auto-mounting disabled.

madaidan (madaidan):

madaidan added a comment.

>> Can you see from thunar-volman source code where defaults are configured? Would be good to watch for future versions.
>
> debian/thunar-volman.xml has all the default settings for auto-mounting if that's what you mean.

No, I mean the upstream repository thunar-volman by XFCE developers.

>> What do you think?
>
> All the auto stuff should probably be disabled.

Even if these are disabled by default? The reasoning being, they're
disabled by default now, but we don't know about the future?

> Maybe add /etc/xdg/xfce4/xfconf/xfce-perchannel-xml/thunar-volman.conf to security-misc with all the auto-mounting disabled.

It would require config-package-dev displace (used elsewhere in
packages by Whonix) to take over package ownership of that file since
that file is already owned by Debian thunar-volman package. I am
wondering if that effort is justified.

> No, I mean the upstream repository thunar-volman by XFCE developers.

It looks like they're configured in thunar-volman-settings/tvm-preferences-dialog.c.

https://git.xfce.org/xfce/thunar-volman/tree/thunar-volman-settings/tvm-preferences-dialog.c

Do a ctrl + f for "auto". It looks like it enables some.

There isn't an actual configuration file. Just code.

> Even if these are disabled by default? The reasoning being, they're
> disabled by default now, but we don't know about the future?

Yes. It's better to be prepared, just in case.

> I am wondering if that effort is justified.

I say it's justified. We probably won't know if the defaults are ever changed so it's better to make sure it won't affect us anyway.
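
Added example, not part of the thread and not code from security-misc or thunar-volman: a small audit of a thunar-volman xfconf channel file that reports which auto-* settings are explicitly enabled and which are not pinned in the file at all. It assumes, as the thread suggests, that a setting absent from the file is decided by the program's built-in defaults; the property list comes from the XML dump quoted above, and `audit_channel` and `SAMPLE` are hypothetical names.

```python
import xml.etree.ElementTree as ET

# Property names taken from the thunar-volman.xml dump quoted in the thread.
AUTO_PROPERTIES = [
    "automount-media", "automount-drives", "autobrowse", "autoopen",
    "autorun", "autoburn", "autoplay-audio-cds", "autoplay-video-cds",
    "autoipod", "autophoto", "autoprinter", "autokeyboard", "automouse",
    "autotablet",
]

# Constructed sample: the Debian-shipped file from the thread with one
# setting flipped to "true" to show what a finding looks like.
SAMPLE = """<?xml version="1.0" encoding="UTF-8"?>
<channel name="thunar-volman" version="1.0">
  <property name="automount-media" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
  <property name="automount-drives" type="empty">
    <property name="enabled" type="bool" value="true"/>
  </property>
  <property name="autobrowse" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
  <property name="autoopen" type="empty">
    <property name="enabled" type="bool" value="false"/>
  </property>
</channel>
"""

def audit_channel(xml_text, expected=AUTO_PROPERTIES):
    """Return (enabled, unset) lists of auto-* properties in a channel file."""
    root = ET.fromstring(xml_text.encode("utf-8"))
    if root.tag != "channel" or root.get("name") != "thunar-volman":
        raise ValueError("not a thunar-volman xfconf channel")
    state = {}
    for prop in root.findall("property"):
        flag = prop.find("property[@name='enabled']")
        if flag is not None:
            state[prop.get("name")] = flag.get("value", "").lower() == "true"
    enabled = sorted(name for name, on in state.items() if on)
    # Assumption: an unset property is decided by built-in defaults, so flag it.
    unset = [name for name in expected if name not in state]
    return enabled, unset

if __name__ == "__main__":
    enabled, unset = audit_channel(SAMPLE)
    print("explicitly enabled:", enabled)
    print("not pinned in file:", unset)
```

Run against the real file by passing its contents to `audit_channel`; a non-empty second list is the case discussed above, where a future change in defaults would go unnoticed.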