[Pkg-utopia-maintainers] Bug#812153: Bug#812153: Bug#812153: Bug#812153: Bug#812153: policykit-1: allows ordinary users to mount filesystems

Christoph Anton Mitterer calestyo at scientia.net
Thu Jan 21 14:39:04 UTC 2016 

On Thu, 2016-01-21 at 14:48 +0100, Michael Biebl wrote:
> With the default policy we ship in Debian, the following conditions
> need
> to be met, that a non-admin user can mount/umount
> 
> - The user needs to be local and active, e.g. a user logged in via
> SSH
> can *not* arbitrarly mount/umount anything
> - The media needs to be removable, i.e. a local partition can *not*
> be
> mounted/unmounted.

And I've just said that there are probably many setups, e.g. embedded
devices, where disks are connected e.g. via USB, where people can
locally login (e.g. when that is used as a terminal), but have not
necessarily physical access to the removable device.
That's already a simple scenario, where the logic that works fine for
normal desktops (as you've said, and what I haven't disputed) may
easily cause security issues.

If you tell me what's wrong with that, I just happily take everything
back and apologise for opening the bug.


You wrote in your first mail that this is likely not from polkit but
from udisk, so I reassigned the bug and reopened it since I felt the
above issue still exists.

Then you threatened me with making sure that I'm being blocked if I
further pursue what's an issue for me and possibly for others as well.

So I'm really not sure what I could have made better, apart from not
reporting an issue at all, or assuming in advance that Debian considers
only the major use cases where removable devices are physically
accessible be the local user anyway (and where - as you've pointed out
correctly - it would in fact be no security gain if the user was denied
mounting it) but not other scenarios, where the user is local but
nevertheless has no direct access.
But I think I've explained that scenario in the beginning, so you could
have also simply said that such non-major cases aren't considered
instead of threatening me with consequences when I further follow up
what's an issue in my use case.


Anyway the bug has already been closed yesterday, I haven't reopened
it, you already said I would have been wasting your time and I feel
discussion with someone who threatens me with being banned when I don't
share his views a waste of mine - so can we just end the useless
iteration now for good?

Best wishes,
Chris.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 5930 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-utopia-maintainers/attachments/20160121/193c829c/attachment.bin>

More information about the Pkg-utopia-maintainers mailing list