Bug#788662: Logged-in user no longer granted permission to removable disks

Michael Biebl biebl at debian.org
Thu Jan 14 14:13:31 GMT 2021


Hi Josh

Am 15.06.15 um 17:56 schrieb Josh Triplett:
> On Mon, Jun 15, 2015 at 12:36:45PM +0200, Michael Biebl wrote:
>> Am 15.06.2015 um 07:34 schrieb Martin Pitt:
>>> Hey Josh,
>>>
>>> Josh Triplett [2015-06-13 16:23 -0700]:
>>>> I plugged in a removable USB disk, and its devices showed up as root:disk 0660,
>>>> with no ACLs.  Normally, I'd expect removable USB disks to grant
>>>> read/write permission to the logged-in user.
>>>> ~$ ls -l /dev/sdb*
>>>> brw-rw---- 1 root disk 8, 16 Jun 13 16:17 /dev/sdb
>>>> brw-rw---- 1 root disk 8, 17 Jun 13 16:17 /dev/sdb1
>>>
>>> That's expected. As Michael already said, we never explicitly granted
>>> user access to device nodes. Maybe in the past some devices got that
>>> through specific group membership, or you had some custom udev rules
>>> to do that; but throughout the history of pmount, hal, consolekit,
>>> udev etc. in Debian the device nodes themselves weren't user
>>> accessible in general. The main exception there that I remember is
>>> Fedora's/Red Hat's ancient console_helper (or something similar) which
>>> actually changed the device nodes themselves. But that was some decade
>>> ago already..
>>
>> I checked wheezy, and it had the following rules:
>> 91-permissions: SUBSYSTEM=="block", ATTRS{removable}=="1", GROUP="floppy"
>> 91-permissions: SUBSYSTEM=="block", SUBSYSTEMS=="usb|ieee1394|mmc|pcmcia", GROUP="floppy"
>>
>> See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751892
>>
>> Maybe we should merge those two bug reports?
> 
> Merging them seems fine, but I do think this functionality from wheezy
> should be restored.  Not using the "floppy" group or any static group,
> but using the uaccess mechanism.
> 
> Either that, or there should be a NEWS.Debian entry somewhere
> documenting that direct device access by users was removed and won't
> come back for security reasons.  But I don't see an obvious reason why
> removable USB disk devices should not be accessible to users.

I'm looking at older bug reports and I'm wondering what to do about this 
one. I guess the time for a NEWS entry has passed.
Regarding granting write access to "removable" media via uaccess, 
I'm not strictly against that, I just would prefer this to happen and be 
implemented upstream. One problematic issue I can imagine is that it's 
not trivial to reliably determine whether a disk is really removable or not.
That said, if you are still interested, would you mind filing an 
upstream bug report at https://github.com/systemd/systemd/issues?

Otherwise I would probably just close this bug report.

Regards,
Michael
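
Added example, not part of the original message and not udev's own code: a small Python model of the two wheezy rules quoted above, run over constructed device records, showing why neither the `removable` flag nor the bus reliably identifies a removable disk. The device names and attribute values are assumptions made for illustration.

```python
# Added illustration, not udev code: evaluates the two wheezy rules quoted in
# the thread against constructed device records.
from fnmatch import fnmatchcase

# Each record lists the block device first, then its parents, as
# (subsystem, sysfs attributes). All records are constructed sample data.
DEVICES = {
    "usb-flash-stick":    [("block", {"removable": "1"}), ("scsi", {}), ("usb", {})],
    "usb-hard-disk":      [("block", {"removable": "0"}), ("scsi", {}), ("usb", {})],
    "usb-card-reader":    [("block", {"removable": "1"}), ("scsi", {}), ("usb", {})],
    "esata-disk":         [("block", {"removable": "0"}), ("scsi", {}), ("pci", {})],
    "internal-sata-disk": [("block", {"removable": "0"}), ("scsi", {}), ("pci", {})],
}


def udev_match(pattern, value):
    """udev-style match: '|' separates alternatives, each one a glob."""
    return any(fnmatchcase(value, alt) for alt in pattern.split("|"))


def attrs_match(chain, key, pattern):
    """ATTRS{key}: true if the device or any parent has a matching attribute."""
    return any(key in attrs and udev_match(pattern, attrs[key]) for _, attrs in chain)


def subsystems_match(chain, pattern):
    """SUBSYSTEMS: true if the device or any parent is in a matching subsystem."""
    return any(udev_match(pattern, subsystem) for subsystem, _ in chain)


def wheezy_rules_hit(chain):
    """Names of the quoted 91-permissions rules that would set GROUP="floppy"."""
    hits = []
    if udev_match("block", chain[0][0]):  # SUBSYSTEM=="block" looks at the device only
        if attrs_match(chain, "removable", "1"):
            hits.append("removable-flag")
        if subsystems_match(chain, "usb|ieee1394|mmc|pcmcia"):
            hits.append("bus")
    return hits


def classify_all(devices=DEVICES):
    return {name: wheezy_rules_hit(chain) for name, chain in devices.items()}


if __name__ == "__main__":
    for name, hits in classify_all().items():
        print(f"{name:20} {', '.join(hits) or 'no match'}")
```

In this sample the external eSATA disk and the fixed internal SATA disk have identical records, so no rule written on these keys can tell them apart, while the USB hard disk is caught only by the bus rule.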
