Package: udisks2
Version: 2.8.1-4+deb10u1
Severity: serious
Hi,
The security team recently released udisks2 2.8.1-4+deb10u1 that forces
the mount option 'errors=remount-ro' to be used for all mounting
operations on ext4 file systems.
However it seems the code was not modified correctly to allow that
option to be used.
On a system with a LXDE based desktop environment, hot-plugging an ext4
formatted USB drive, result in the user being presented with an "Mount
option `errors=remount-ro' is not allowed" error dialog box, and the
mount not occurring.
Same when mounting manually as regular user through udisksctl:
==
max@pibuster:~ $ udisksctl mount -b /dev/sda2
Error mounting /dev/sda2:
GDBus.Error:org.freedesktop.UDisks2.Error.OptionNotPermitted: Mount
option `errors=remount-ro' is not allowed
==
Looking at debian/patches/mount-ext-readonly-on-errors.patch
It did seem the author of the patch knew options need to be allowed, as
he does add "errors=remount-ro" to ext4_allow:
+static const gchar *ext4_allow[] = { "errors=remount-ro", NULL };
However looking at is_mount_option_allowed() in
src/udiskslinuxfilesystem.c the allow list handling code only expect a
lists of allowed option keys in ext4_allow, not entries in the form
key=value...
So that is not going to fly without further changes to
is_mount_option_allowed()...
Yours sincerely,
Floris Bos
_______________________________________________
Pkg-utopia-maintainers mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/pkg-utopia-maintainers
