Hi, intrigeri wrote (10 Jun 2013 16:25:14 GMT) : >> 2. the only one relevant file in bilibop-udev is 66-bilibop.rules; so it >> is possible to modify it again (+2 lines), or even not install >> bilibop-udev (but only bilibop-common), and add a specific rules file in >> the amnesia git repository (I think in >> config/chroot_local-includes/etc/udev/rules.d/). Additionally, you could >> merge it with the existing 99-hide-TailsData.rules. In that case, this >> could give: [...]
>> What do you think about that ? > Great, I do like it! It allows us to externalize the bulk of the work > to bilibop (which is great), while at the same time giving us > fine-grained control on what exactly we want it to do. >> If needed I can help to write what you need. > I'll give it a try ASAP, and will get back to you if I need help. > Thanks for the offer :) I've tried it, and what you suggested in your out-of-thread forwarded email worked fine (UDISKS_SYSTEM_INTERNAL was set for the Tails boot medium). However, it is not effective in practice as Squeeze's udisks does not support this property yet. So, I guess this specific protection will have to wait until Tails is based on Wheezy, unless someone can think of a way to implement per-device udisks-level write access protection with udisks 1.0.1+git20100614-3. One more reason to work on porting to Wheezy! Cheers, -- intrigeri | GnuPG key @ https://gaffer.ptitcanardnoir.org/intrigeri/intrigeri.asc | OTR fingerprint @ https://gaffer.ptitcanardnoir.org/intrigeri/otr.asc _______________________________________________ tails-dev mailing list [email protected] https://mailman.boum.org/listinfo/tails-dev
