I don't think pmount is any threat from the point of view of a hacker - it is only a gui that is available to the user. A hacker would derive no benefit from trying to access it. (when the cli is so powerful and so available...)
The biggest threat from pmount is the possible risk of inexperienced users being able to bring storage drives online, and then clicking madly to move things where they should not be, or trashing files. So making pmount harder to access is really only to protect against silly mistakes.
Of course, if you think it would be worthwhile it is possible to rename pmount to something no-one would ever guess... (or it could be removed entirely if the user desired).
If we used pmount, and something bad happened, the question would be why did we bring a storage drive online? If we are keen on security it would be better to just leave the storage devices offline I'd say.
If it was necessary to access data during an online session it might be better to keep that data in some sort of cloud storage, as Sylvander was suggesting.
BanksyPup - online banking and Puppy sampler
Eh...?greengeek wrote:If it was necessary to access data during an online session it might be better to keep that data in some sort of cloud storage, as Sylvander was suggesting.
I'm unaware that I made any suggestion, and I quite deliberately don't use the cloud for ANYTHING.
Can you clue me in by giving a link to, or quoting, the suggestion?
My apologies Sylvander. It seems I completely misunderstood your comment about Acerose:Sylvander wrote:Eh...? I'm unaware that I made any suggestion, and I quite deliberately don't use the cloud for ANYTHING.
Can you clue me in by giving a link to, or quoting, the suggestion?
I thought you meant that Acerose was an online password vault/encrypter designed for Windows users. I totally missed the point about it being a portable .exeI go further... I use WINE [need it available in Puppy] to run my Windows exe portable "Acerose Password Vault" [I've used it since my Windows days]. I only need to memorize the username and long-password to gain access to the vault, and then...
Sorry about that!
Thanks rcrsn51. Does this prevent the NTFS partitions from subsequently being mounted as writable though? Surely it would be an easy step to change the read-only status to writable?rcrsn51 wrote:Change the mounting procedure so NTFS partitions are always mounted read-only..
I do have another reason why I prefer the Windows data to not be visible at all, and that is if a user who is trialling Puppy can see their data they are likely to want to save things to that partition - even if they do so subconciously. I also felt there might be programmes or websites that would not respect "read-only" status and proceed with overwriting something on the partition anyway.
Also - what would happen in the circumstances where the Windows partition was on a FAT32 volume? I would then have to mount the vfat partitions as read-only too wouldn't I?.
The concern above seemed to be that even if you hid the drive icons, people could still manually mount and damage Windows. This fix is just another line of defense. It is only for NTFS. It doesn't permanently change the drive.
1. Go to the folder /bin
2. Locate the file ntfs-3g and rename it as ntfs-3g-full
3. In the same folder, create a script named ntfs-3g
1. Go to the folder /bin
2. Locate the file ntfs-3g and rename it as ntfs-3g-full
3. In the same folder, create a script named ntfs-3g
Code: Select all
#!/bin/sh
ntfs-3g-full -o ro "$@"OK, your explanation clears up my confusion.greengeek wrote:I thought you meant that Acerose was an online password vault/encrypter designed for Windows users. I totally missed the point about it being a portable .exe
Part of the reason I mentioned WINE and "Acerose Password Vault" was...
In order for me to ever begin considering making use of BanksyPup...
a. WINE would need to be included...
And...
b. I'd need to be able to mount the partition that holds the files for the "Acerose Password Vault" Windows portable program.
I do that at present using...
b1. Multi-session DVD-RW of Lighthouse64.
Or...
b2. Remastered CD-RW of "Debiandog-porteus-jwm_icewm".
Hi Tony - Do you have any /mnt/home set up? I just realised there may be some methods people would use to install banksy to a hard drive that would create a /mnt/home mount point (which would potentially leave critical files on that hdd available to other programmes).tony wrote:I have mounted banksy on both my hard drive and a USB stick. Both booted from grub4dos menu.lst
No problems.
Banksy doesn't do it this way as a default, but there are a variety of methods people use to install a puppy so just thought I'd ask.
Banksy2 is now released. It has some significant differences so may not suit all users - but in particular it now includes the ability to burn your personal settings to a new CD or DVD by clicking a single icon.
This allows you to personalise a CD for yourself or family or friends so that they can boot banksy2 and get online without having to enter a wifi password, and without having to have a savefile, and without having to remaster at all.
Banksy2 makes it easy
New thread here
This allows you to personalise a CD for yourself or family or friends so that they can boot banksy2 and get online without having to enter a wifi password, and without having to have a savefile, and without having to remaster at all.
Banksy2 makes it easy
New thread here
-
Pelo
On test bench at Pelo's workshops
On test bench at Pelo's workshops in Marseillan France. Development teams will feed back their results ASAP.
The chief.
The chief.
