[Pkg-utopia-maintainers] Bug#812153: Bug#812153: policykit-1: allows ordinary users to mount filesystems
Christoph Anton Mitterer
calestyo at scientia.net
Thu Jan 21 02:52:19 UTC 2016
Control: reopen -1
Control: reassign -1 udisks2
On Thu, 2016-01-21 at 03:39 +0100, Michael Biebl wrote:
> Policykit is the wrong package. What you look for is udisks, most
> likely.
I went through /usr/share/polkit-
1/actions/org.freedesktop.udisks2.policy but all settings there seem to
be auth_admin and none seems to be specifically for removable devices.
> And what you say is not true, only removable drives are
> automounted, and that is deliberate and not going to change.
It's still breaking long standing behaviour. You cannot just add such
security regressions and call it "deliberate" thus "not going to
change".
Especially since any device can be removable... people connect normal
hard disks via USB/SATA gateways, which are detected as such as well.
If Debian introduces behaviour that likely allows access to data where
normal users shouldn't have access, than this should be an opt-in.
Thus reopening.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5930 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20160121/b6d48431/attachment.bin>
More information about the Pkg-utopia-maintainers
mailing list