Hi Martin,

    While trying to find out how to make it possible for any user to r/w 
an ext3 partition, I found out that you could manage the permissions of a 
file system from its mount point's permissions.


    Talking about this in the #Ubuntu chatroom, some users agreed that this 
was a weird way to manage the access to a filesystem. We agreed that it 
would be much better to set up all permissions from the fstab rather 
than from the mount point directory. We also thought there might be some 
vulnerability in leaving all permissions set up at the folder level instead 
of the partition itself. Sorry, I can't quite explain this clearly. 
What I mean is that it should be the partition itself that tells 'john 
can('t) write here', and the mount point should just be a mount point, a 
medium to access the file system.

    Probably my warning, like some others', is nonsense, but at 
least take it as advice. Also there is very little documentation on 
how ext3 permissions are handled, while one can easily figure out how vfat 
or ntfs partitions work.

    Standardizing the behaviour of file systems would make our lives 
easier, don't you think?

Hope I clarified a little. Thanks for your time,
- Jacopo



Martin Pitt wrote:
>  status needsinfo
>
> Hi!
>
> Japs [2006-09-05 13:44 -0000]:
>   
>> It is not user friendly to set read/write privileges to ext3 partitions
>> to non-root users.
>>     
>
> In contrast to vfat, ext3 has full support for file privileges. It is
> a very important security feature that a non-root user cannot just
> change the ownership of a file that does not belong to him. Which
> particular problem do you try to solve?
>
>   
>> To succeed in that I had to change the ownership of the mount point from
>> root to myself.
>>     
>
> Please be aware that this does not change the mount point directory on
> the 'parent' file system, but the permissions of the root file system
> on the mounted device. This might be fine for your purposes, but is
> not what some people expect.
>
>   
>> I think there should be something like umask='some value' to set rw
>> privileges to non-root users, like there is for vfat partitions.
>>     
>
> That is not applicable. Because ext3 has proper file system
> permissions, ext3 does not have an umask option. This only makes sense
> for file systems which do not know about permissions, like vfat.
>
>   
>> Also it is a security issue that changing the ownership of a
>> mountpoint you can have write rights to the file system it refers
>> to.
>>     
>
> I don't understand this - if you change the owner of a directory from
> root to 'joe', then of course joe can write into it -- that was the
> whole point of the ownership change.
>
> Can you please clarify this?
>
>
> ** Changed in: Ubuntu
>        Status: Unconfirmed => Needs Info
>
>

-- 
ext3 file system handling awkward
https://launchpad.net/bugs/59027

-- 
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
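
The point made in the quoted reply, that the owner and mode seen at a mounted mount point belong to the root directory of the mounted file system, as an added Python example that is not part of the thread. The function names are hypothetical, and the device-number comparison is an assumption that does not detect bind mounts within one file system.

```python
import os
import stat
import tempfile


def visible_inode(path):
    """Describe the directory inode that permission checks at `path` use."""
    real = os.path.realpath(path)
    st = os.stat(real)
    parent = os.stat(os.path.join(real, os.pardir))
    # Mounted root: different device than its parent, or its own parent ("/").
    # Assumption: bind mounts within one file system are not detected this way.
    mounted = st.st_dev != parent.st_dev or st.st_ino == parent.st_ino
    return {"path": real, "is_mount_root": mounted,
            "uid": st.st_uid, "mode": stat.S_IMODE(st.st_mode)}


def audit_mount_roots(paths):
    """Return mounted roots that are owned by, or writable for, non-root users."""
    findings = []
    for path in paths:
        info = visible_inode(path)
        if not info["is_mount_root"]:
            continue  # ordinary directory: owner and mode live in the parent fs
        world_writable = bool(info["mode"] & stat.S_IWOTH)
        sticky = bool(info["mode"] & stat.S_ISVTX)
        if info["uid"] != 0 or (world_writable and not sticky):
            findings.append(info)
    return findings


if __name__ == "__main__":
    with tempfile.TemporaryDirectory() as scratch:  # constructed sample path
        for p in ("/", scratch):
            print(visible_inode(p))
        print("findings:", audit_mount_roots(["/", scratch]))
```

Run against the mount points listed in /etc/fstab, the findings are the file systems whose root directory has been handed to a non-root user, which is the state the original report reached by changing the ownership of the mount point.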