Bug 80726 - udisks should at least warn a user when media is mounted in an unreadable location
Status: NEW
Product: udisks
Classification: Unclassified
Component: general
Version: unspecified
Hardware: All Linux (All)
Importance: medium normal
Assignee: David Zeuthen (not reading bugmail)
Reported: 2014-06-30 18:44 UTC by Warren Turkal
Modified: 2014-06-30 18:44 UTC

Description Warren Turkal 2014-06-30 18:44:02 UTC
Hi,

I found a possible UX problem with udisks. I have reported the issue to Ubuntu at [1]. I just wanted to make sure any additional upstream developers (if they are different) were aware.

distro: Ubuntu 14.04
udisks: 1.0.5-1 (ubuntu package version)

I found that udisks will happily mount media into a location with improper permissions without even notifying the user. Here's how it manifests.

1) Create a user, named "auser"
2) Log in as "auser"
3) Mount a piece of media (e.g. USB thumb drive)
   - This causes the creation of /media/auser on Ubuntu (maybe on
     /run/media/auser on systems with upstream udisks) with the following
     permissions: 
     # getfacl -n /media/auser/
     getfacl: Removing leading '/' from absolute path names
     # file: media/auser/
     # owner: 0
     # group: 0
     user::rwx
     user:1001:r-x
     group::---
     mask::r-x
     other::---
4) Unmount media.
5) Log out user.
6) Change UID of "auser" to 2000.
7) Chown the home directory of "auser" to 2000.
8) Log in as "auser".
9) Mount media.
   - The media is mounted into the existing "/media/auser" directory with the
     wrong permissions.

At the very least, I feel that the user should be warned that their media is being mounted to a place inaccessible to their user. It might even be appropriate to fail the mount in that case. Giving the user a hint of removing that directory might also be nice since that will allow udisks to recreate the directory with correct perms.

Ideally and if security concerns can be addressed, I think that udisks should make sure the /media/auser directory has the correct permissions. The udisks daemon is the manager of what is in the /media (or /run/media) directory, so it makes some sense that it should fix directory entries that are wrong. FWIW, directory entries are created with appropriate permissions if they don't exist. The change in behavior would make udisks also responsible for fixing perms when they are incorrect.

Here's a link to the code path where a directory with the ACL is created:
http://cgit.freedesktop.org/udisks/tree/src/udiskslinuxfilesystem.c#n899

In the interest of full disclosure, I just noticed as I finished typing the above text that the Ubuntu bug has been closed as "invalid", which I don't think is the right response. However, I am going to respect the maintainer's wish as I don't wish to start a bug open/close battle. However, I still want to make sure the upstream devs are aware. I realize that most of the people may be the same, but I feel this bug is a corner case that will be one more reason people have to troubleshoot a Linux desktop. I'd like to help fix this UX, if possible.

[1] https://bugs.launchpad.net/bugs/1335384
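
The check the report asks for, sketched as an added example (not code from udisks or from the reporter): it parses the `getfacl -n` output quoted in step 3 and applies the POSIX ACL access-check order, showing that UID 1001 can use /media/auser while UID 2000 cannot. The function names, and the assumption that the caller supplies the user's group IDs, are illustrative.

```python
# Constructed from the `getfacl -n /media/auser/` output quoted in the report.
SAMPLE_ACL = """\
# file: media/auser/
# owner: 0
# group: 0
user::rwx
user:1001:r-x
group::---
mask::r-x
other::---
"""

TAGS = ("user", "group", "mask", "other")

def parse_getfacl(text):
    """Parse numeric `getfacl -n` output into owner uid, group gid and ACL entries."""
    acl = {"owner": None, "group": None, "entries": []}
    for line in (raw.strip() for raw in text.splitlines()):
        if line.startswith("# owner:"):
            acl["owner"] = int(line.split(":", 1)[1])
        elif line.startswith("# group:"):
            acl["group"] = int(line.split(":", 1)[1])
        else:
            parts = line.split(":")
            if len(parts) >= 3 and parts[0] in TAGS:
                # Keep only the three permission characters, dropping "-" placeholders.
                acl["entries"].append((parts[0], parts[1], set(parts[2][:3]) - {"-"}))
    return acl

def access_allowed(acl, uid, gids, want):
    """Evaluate the POSIX ACL access-check order for one user and a permission set."""
    want = set(want)
    perms = lambda tag: [(q, p) for t, q, p in acl["entries"] if t == tag]
    mask = next((p for _, p in perms("mask")), set("rwx"))
    if uid == acl["owner"]:                      # owner: user:: entry, mask not applied
        return want <= next(p for q, p in perms("user") if q == "")
    for q, p in perms("user"):                   # named user entries, limited by mask
        if q and int(q) == uid:
            return want <= (p & mask)
    hits = [p & mask for q, p in perms("group")
            if (int(q) if q else acl["group"]) in gids]
    if hits:                                     # a group match never falls through to other
        return any(want <= p for p in hits)
    return want <= next(p for _, p in perms("other"))

def mount_dir_usable(acl, uid, gids):
    """Reading and traversing the per-user mount directory needs r and x."""
    return access_allowed(acl, uid, gids, "rx")
```

With the quoted ACL, `mount_dir_usable` is true for UID 1001 and false for UID 2000, which is the stale-entry condition a warning or a failed mount would be keyed on.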

