Bug 715311

Summary: org.freedesktop.udisks.filesystem-mount-system-internal shouldn't be allowed for wheel
Product: [Fedora] Fedora Reporter: Andy Lutomirski <luto>
Component: udisksAssignee: David Zeuthen <davidz>
Status: CLOSED NOTABUG QA Contact: Fedora Extras Quality Assurance <extras-qa>
Severity: medium Docs Contact:
Priority: unspecified    
Version: 15CC: davidz, dwysocha, extras-orphan, mclasen, notting
Target Milestone: ---   
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2011-06-22 18:02:06 UTC Type: ---
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:

Description Andy Lutomirski 2011-06-22 14:19:27 UTC 
I have a bunch of system-internal devices that are intentionally not mounted.  GNOME 3 shows them more or less the same way it shows removable devices, and if I click them then *they get mounted without any prompt*.

This happens because /var/lib/polkit-1/localauthority/10-vendor.d/10-desktop-policy.pkla sets ResultActive=yes for org.freedesktop.udisks.filesystem-mount-system-internal.  That's absurd.  Mounting a system-internal device in /media is a strange thing to do and I don't think that just because I'm in the wheel group I should be able to do it without being prompted.

The other permissions in that file make some sense, because users are unlikely to do the actions by accident and get annoyed as a result.

Please just remove filesystem-mount-system-internal from the desktop policy.

Maybe in some future world when all the other udisks-using tools are smarter about system-internal devices this would make sense.
Comment 1 Bill Nottingham 2011-06-22 15:25:04 UTC 
I'm not sure I agree here - the point of the wheel group is that they're the administrative user; in that case, they should be able to mount whatever filesystems. Given how wheel is used in sudo, it's not as if it's a privilege escalation.

In any case, moving to the proper component.
Comment 2 Andy Lutomirski 2011-06-22 15:35:21 UTC 
sudo asks for a password (on a brand new F15 install):

$ groups
luto wheel

$ sudo echo foo
[sudo] password for luto:

I don't see why mounting internal devices should be special and not need a password.  Especially because it's easy to do by accident and it's a strange thing to do.
Comment 3 David Zeuthen 2011-06-22 18:02:06 UTC 
It works this way because most people only have things like Windows or OS X on the system disk and we want people to access data on these volumes. So that's exactly why we allow users in the 'wheel' group to do this without authenticating (OTOH, users not in the 'wheel' group gets to authenticate by default).

There are multiple ways to configure your system if you don't like this (and don't want to remove your user from the 'wheel' group): putting the relevant devices in /etc/fstab is one solution - configuring polkit is another.

We are not changing the defaults just because of your setup.