Skip to content

GitLab

  • Menu
Projects Groups Snippets
  • Help
    • Help
    • Support
    • Community forum
    • Submit feedback
    • Contribute to GitLab
  • Sign in / Register
  • T tails
  • Project information
    • Project information
    • Activity
    • Labels
    • Members
  • Repository
    • Repository
    • Files
    • Commits
    • Branches
    • Tags
    • Contributors
    • Graph
    • Compare
  • Issues 934
    • Issues 934
    • List
    • Boards
    • Service Desk
    • Milestones
  • Merge requests 18
    • Merge requests 18
  • CI/CD
    • CI/CD
    • Pipelines
    • Jobs
    • Schedules
  • Deployments
    • Deployments
    • Environments
    • Releases
  • Monitor
    • Monitor
    • Incidents
  • Analytics
    • Analytics
    • Value stream
    • CI/CD
    • Repository
  • Activity
  • Graph
  • Create a new issue
  • Jobs
  • Commits
  • Issue Boards
Collapse sidebar
  • tails
  • tails
  • Issues
  • #17751

Closed
Open
Created Jun 03, 2020 by sajolida@sajolidaMaintainer

Consider using a non-Windows file system on the system partition

The system partition of the USB stick already uses the hidden flag of GPT to discourage Windows and others to manipulate it.

According to #17634 (closed), this is not enough to prevent Windows from doing so and this creates trouble for some of our users already. Though we don't have more information about which applications or Windows configuration do manipulate it right now.

I understand that we won't ever be able to completely prevent an OS from manipulating the USB stick if plugged in (and maybe implanting a vulnerability) and so that we are talking about finding a tradeoff here.

But I guess that formatting the system partition with Ext4 for example, would fix #17634 (closed) for example.

What would be the cost? Could moving out of FAT bring other benefits?

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information
Assignee
Assign to
Time tracking