Hi Josh Am 15.06.15 um 17:56 schrieb Josh Triplett:
On Mon, Jun 15, 2015 at 12:36:45PM +0200, Michael Biebl wrote:Am 15.06.2015 um 07:34 schrieb Martin Pitt:Hey Josh,Josh Triplett [2015-06-13 16:23 -0700]:I plugged in a removable USB disk, and its devices showed up as root:disk 0660, with no ACLs. Normally, I'd expect removable USB disks to grant read/write permission to the logged-in user. ~$ ls -l /dev/sdb* brw-rw---- 1 root disk 8, 16 Jun 13 16:17 /dev/sdb brw-rw---- 1 root disk 8, 17 Jun 13 16:17 /dev/sdb1That's expected. As Michael already said, we never explicitly granted user access to device nodes. Maybe in the past some devices got that through specific group membership, or you had some custom udev rules to do that; but throughout the history of pmount, hal, consolekit, udev etc. in Debian the device nodes themselves weren't user accessible in general. The main exception there that I remember is Fedora's/Red Hat's ancient console_helper (or something similar) which actually changed the device nodes themselves. But that was some decade ago already..I checked wheezy, and it had the following rules: 91-permissions: SUBSYSTEM=="block", ATTRS{removable}=="1", GROUP="floppy" 91-permissions: SUBSYSTEM=="block", SUBSYSTEMS=="usb|ieee1394|mmc|pcmcia", GROUP="floppy" See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751892 Maybe we should merge those two bug reports?Merging them seems fine, but I do think this functionality from wheezy should be restored. Not using the "floppy" group or any static group, but using the uaccess mechanism. Either that, or there should be a NEWS.Debian entry somewhere documenting that direct device access by users was removed and won't come back for security reasons. But I don't see an obvious reason why removable USB disk devices should not be accessible to users.
I'm looking at older bug reports and I'm wondering what to do about this one. I guess the time for a NEWS entry has passed. Regarding granting access to "removable" media write access via uaccess, I'm not strictly against that, I just would prefer this to happen and be implemented upstream. One problematic issue I can imagine is that it's not trivial to reliably determine whether a disk is really removable or not. That said, if you are still interested, would you mind filing an upstream bug report at https://github.com/systemd/systemd/issues.
Otherwise I would probably just close this bug report. Regards, Michael
OpenPGP_signature
Description: OpenPGP digital signature
