This is about: Trello
While I understand the value of the feature, it feels like an amazing attack vector for anyone trying to get access to the device. Here is a real world example that exploited the filesystem LABEL: GitHub - ea/bosch_headunit_root: Documentation and code for rooting and extending a Bosch car head unit (lcn2kai)
Please be aware of potential security implications.
Hey Peter, that is a really interesting repository, thanks for sharing. I was the developer actually working on implementing this feature which I’ve discussed a bit more in The supervisor should automount removable storage and provide it to specified containers · Issue #1532 · balena-os/balena-supervisor · GitHub. You can subscribe to that issue for updates if you’d like.
I’m also in the security group here at Balena which is just a group of people specifically interested in security so the fact I’m working on that feature and saw your thread is great.
I’ve read the repository’s exploit as it’s quite interesting and doubt I would have implemented the automount in the same way. The main issue with Bosch’s implementation is that they used the device’s metadata (FS label to be precise) to create a mount path, which enabled the attacker to traverse the host’s file system and mount the drive’s contents anywhere.
As you could guess from the issue I linked above, this automount mechanism will be implemented in the balena-supervisor repository, so if you have any concerns you’ll be able to review the source code yourself and provide input if you find any issues. That’s probably the best part about using open source software, you can verify what it’s doing!
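
The label-in-mount-path problem described in the reply above, next to a hardened derivation, as an added example that is not part of the thread and is not balena-supervisor code. The base directory `/mnt/removable`, the function names and the sample labels are assumptions constructed for illustration.

```javascript
// Hypothetical base directory under which removable volumes are mounted.
const MOUNT_BASE = '/mnt/removable';

// Collapse "." and ".." segments of an absolute POSIX path, the way path
// resolution would treat them (symlinks are ignored here).
function normalizePosix(p) {
  const out = [];
  for (const seg of p.split('/')) {
    if (seg === '' || seg === '.') continue;
    if (seg === '..') out.pop();
    else out.push(seg);
  }
  return '/' + out.join('/');
}

// Pattern described in the thread: device-supplied metadata goes straight
// into the mount path, so the device decides where it is mounted.
function naiveMountPoint(label) {
  return normalizePosix(MOUNT_BASE + '/' + label);
}

// Hardened: the label is untrusted and only decorates a name chosen by the
// host. Anything outside an allow-list becomes "_", the length is capped,
// and a host-assigned index keeps names unique.
function safeMountPoint(label, index) {
  if (!Number.isInteger(index) || index < 0) {
    throw new TypeError('index must be a non-negative integer');
  }
  const cleaned = String(label).replace(/[^A-Za-z0-9_-]/g, '_').slice(0, 32);
  const name = `vol${index}-${cleaned || 'unlabeled'}`;
  const full = normalizePosix(MOUNT_BASE + '/' + name);
  // Defence in depth: refuse anything that does not stay under the base.
  if (!full.startsWith(MOUNT_BASE + '/')) {
    throw new Error('mount point escapes base directory');
  }
  return full;
}

// Constructed sample labels, not taken from any real device.
for (const [i, label] of ['BACKUP_01', '../../tmp/elsewhere', ''].entries()) {
  console.log(JSON.stringify(label), '->', naiveMountPoint(label), '|', safeMountPoint(label, i));
}
```
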