
Re: EUREKA!!!! - was [Re: Permissions for an entire PARTITION]



On Sat 29 Oct 2016 at 23:23:52 +0300, Reco wrote:

> On Sat, 29 Oct 2016 19:15:53 +0100
> Brian <ad44@cityscape.co.uk> wrote:
> 
> > I wish you had addressed the "equal exposure" question. Desktops are not
> > the only environments in town. Leaving non-policykit users out in the
> > cold is not an option.
> 
> True, that does not look good at all. But why bother listing udisks2
> which is using PolicyKit then?

In the light of previous points I think there is a non sequitur in
there somewhere.
 
> Besides, in modern Debian it takes a certain amount of skill and
> determination *not* to use PolicyKit ;)

Maybe. Nothing to do with whether policykit is on a machine or not, of
course.

> > It doesn't come down to that; using a desktop filemanager is just one of
> > the alternatives. One could equally well ask why it has to be mentioned
> > when there is
> > 
> >  > Install pmount, udevil or udisks2 and use one ..... 
> 
> Indeed. All this confusion could be avoided by simple 'please mount the
> USB stick to this mountpoint'. Again, the page describes a rather
> advanced topic.

As said, a rewrite is in the offing. The reality is that all operations
should be with root privileges.
 
> > Providing a range of advice for a range of people isn't exactly easy in
> > all situations. Advice on installing a wifi kernel module is easy -
> > there is only one for each chipset.
> 
> I honestly wish that this was true. Sadly, there's Broadcom, see [1]
> for the gory details.

There are always exceptions.

> > A page on pmount is a little harder because it is a moving target.
> 
> I honestly lost you here. oldstable, stable, testing and even sid have
> the same upstream version of pmount - 0.9.23, dated 2010.

They do indeed. Six years. Do you get the feeling it is getting on for
unmaintained? (And a wiki page with HAL on it! I ask you). But software
changes. Then wiki pages change. 

> > (The link you gave has out-of-date info on HAL). Anything more 
> > complex can always be criticised as time moves on.
> 
> The page itself is somewhat outdated, true. Someone should clean up that
> obsolete hal reference.

Don't look at me.

> > But your sort of constructive criticism is valuable.
> 
> You're welcome, I guess.
> 
> > You are getting carried away here. Both are for *automatically* mounting
> > and unmounting removable media, which is not a focus for the task.
> > 
> > There is no sign of supermount in stable or unstable.
> 
> True. That's something that I missed.

We all miss something.

> > As little as possible should be done as root is a good principle.
> 
> mount(2) system call is a privileged one regardless of the tool used.
> Hence a root intervention in one form or the other is needed.
> 
> Whether such privilege escalation is done by a trusted daemon (udisks2),
> or by hand (su, sudo) for the purposes of mounting and unmounting is not
> relevant. Assuming, for the sake of simplicity, that all implementations
> of privilege escalation (su, sudo, policykit, trusted suid binaries
> such as pmount) are free of security bugs.
> 
> If it was desirable to exclude root intervention whenever possible in
> this task - the page in question would suggest fusefat instead.

Something to consider and test. Thanks.
 
> > C'mon; pointing out a typo! This is unworthy of you, even as an aside.
> 
> Disregard the typo comment then as it was not pointed to the article
> quality. Not all mount(8) invocations require root, that was the point.
> 
> > Mounting and unmounting are not really a problem. Users and root can
> > easily do these. But, as far as I can see, only someone with root
> > privileges can use dd, cfdisk, fdisk and mkfs.vfat with a removable
> > device. I'd like to be wrong.
> 
> This is a common myth that I'll debunk gladly.
> 
> Image copying (dd or any other tool) merely requires ability to write
> to a block device. Such permissions on removable media should be
> provided to any current console user by logind (or ConsoleKit if we
> still need to think about wheezy), or a good old-fashioned
> 'floppy' (any group name will do) group and a custom udev rule (as of
> jessie).
> 
> Creating any filesystem on a removable media's partition merely requires
> the same.

Since you wrote this, hundreds of people using GNOME have popped a USB
stick into their machines and typed

  dd if=/dev/zero of=/dev/<somewhere>

Those who didn't get

  dd: failed to open 'dev/<somewhere>'

will be along soon to report success and explain why.

The floppy group + a udev rule is a Wheezy thing. Not suitable for a
wiki relating to a current Debian.

-- 
Brian.

