Control: tags -1 wontfix Control: close -1 On Mon, 18 Jan 2021 14:45:17 -0800 Josh Triplett <[email protected]> wrote: > On Thu, Jan 14, 2021 at 03:13:31PM +0100, Michael Biebl wrote: > > Hi Josh > > > > Am 15.06.15 um 17:56 schrieb Josh Triplett: > > > On Mon, Jun 15, 2015 at 12:36:45PM +0200, Michael Biebl wrote: > > > > Am 15.06.2015 um 07:34 schrieb Martin Pitt: > > > > > Hey Josh, > > > > > > > > > > Josh Triplett [2015-06-13 16:23 -0700]: > > > > > > I plugged in a removable USB disk, and its devices showed up as root:disk 0660, > > > > > > with no ACLs. Normally, I'd expect removable USB disks to grant > > > > > > read/write permission to the logged-in user. > > > > > > ~$ ls -l /dev/sdb* > > > > > > brw-rw---- 1 root disk 8, 16 Jun 13 16:17 /dev/sdb > > > > > > brw-rw---- 1 root disk 8, 17 Jun 13 16:17 /dev/sdb1 > > > > > > > > > > That's expected. As Michael already said, we never explicitly granted > > > > > user access to device nodes. Maybe in the past some devices got that > > > > > through specific group membership, or you had some custom udev rules > > > > > to do that; but throughout the history of pmount, hal, consolekit, > > > > > udev etc. in Debian the device nodes themselves weren't user > > > > > accessible in general. The main exception there that I remember is > > > > > Fedora's/Red Hat's ancient console_helper (or something similar) which > > > > > actually changed the device nodes themselves. But that was some decade > > > > > ago already.. > > > > > > > > I checked wheezy, and it had the following rules: > > > > 91-permissions: SUBSYSTEM=="block", ATTRS{removable}=="1", GROUP="floppy" > > > > 91-permissions: SUBSYSTEM=="block", SUBSYSTEMS=="usb|ieee1394|mmc|pcmcia", GROUP="floppy" > > > > > > > > See also https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=751892 > > > > > > > > Maybe we should merge those two bug reports? > > > > > > Merging them seems fine, but I do think this functionality from wheezy > > > should be restored. Not using the "floppy" group or any static group, > > > but using the uaccess mechanism. > > > > > > Either that, or there should be a NEWS.Debian entry somewhere > > > documenting that direct device access by users was removed and won't > > > come back for security reasons. But I don't see an obvious reason why > > > removable USB disk devices should not be accessible to users. > > > > I'm looking at older bug reports and I'm wondering what to do about this > > one. I guess the time for a NEWS entry has passed. > > Regarding granting access to "removable" media write access via uaccess, I'm > > not strictly against that, I just would prefer this to happen and be > > implemented upstream. One problematic issue I can imagine is that it's not > > trivial to reliably determine whether a disk is really removable or not. > > That said, if you are still interested, would you mind filing an upstream > > bug report at https://github.com/systemd/systemd/issues. > > Filed upstream as https://github.com/systemd/systemd/issues/18304 . > > Thank you again for all your work on systemd and udev, including triage!
As mentioned in the bug report, giving unrestricted access to block devices to unprivileged users is really not safe on Linux, so this is not going to happen by default. udev rules can be configured locally just as well, so one can do that on their own machine if these security issues are not a problem. -- Kind regards, Luca Boccassi
signature.asc
Description: This is a digitally signed message part
