Red Hat Bugzilla – Bug 136602
Should non-console owner desktop user on get icons for console user controlled devices?
Last modified: 2013-03-05 22:41:50 EST
Description of problem: Not sure this is a hal layer problem..but its my best guess. I have 2 users logged into the desktops on the system. User1 is considered console owner and has rights to mount and unmount usb storage devices. User2 does not have console permissions and can not mount and unmount the usb-storage devices. When user1 mounts a usb-storage device, both users get an icon for the mounted device on their desktops. I'm not sure this is wise. I would have expected that only console owner would get a dynamically placed icon on the desktop to cue them the mountpoint is available.. by default. Worse, the non console user can access the device and access files. For example they can open up an image on the device with gthumb. This now prevents the console owner, user1, from unmounting the device. This sort of situation needs to be avoided. The default configurations for console owner privledged devices should not be such that other users on the system can keep the device open and prevent the console user from using privledged actions. Thoughts? -jef
Just to update, still seeing this unexpected behavior when 2 desktop users are logged in to the same device using rawhide as of 4-30-05. User1 is console owner, User2 is using a remote desktop such as a vnc session. With default hal policy, User2 sees the media icons that User1 mounts and User2 can open files in those mountpoints preventing user1 from being able to cleaning unmount the device. Effectively this means a remote desktop user can hijack the console user's removable devices such as usb flashdrives preventing correct unmount behavior. If user2 browses the mountpoints with nautilus..things work as expect. When user1 goes to unmount user2's nautilus windows shutdown and user1 can unmount. If user2 opens a file when an application such as gedit or gthumb then user1 can no longer un mount the device until user2 closes the files. -jef
I continue to see the problem with non-console user access to console user owned mountpoints in fc5 preventing the console owner from being able to unmount the device even with the new hal/dbus interaction technology for mounting. Updating the bug accordingly to reflect that. gedit/gthumb no longer appear cause an unmountable situation, but navigation into the mounted directory in a terminal from user2's login session still causes an unmountable situation for the console owner, user1. -jef
Fedora Core 5 is no longer maintained. Is this bug still present in Fedora 8?
Fedora apologizes that these issues have not been resolved yet. We're sorry it's taken so long for your bug to be properly triaged and acted on. We appreciate the time you took to report this issue and want to make sure no important bugs slip through the cracks. If you're currently running a version of Fedora Core between 1 and 6, please note that Fedora no longer maintains these releases. We strongly encourage you to upgrade to a current Fedora release. In order to refocus our efforts as a project we are flagging all of the open bugs for releases which are no longer maintained and closing them. http://fedoraproject.org/wiki/LifeCycle/EOL If this bug is still open against Fedora Core 1 through 6, thirty days from now, it will be closed 'WONTFIX'. If you can reporduce this bug in the latest Fedora version, please change to the respective version. If you are unable to do this, please add a comment to this bug requesting the change. Thanks for your help, and we apologize again that we haven't handled these issues to this point. The process we are following is outlined here: http://fedoraproject.org/wiki/BugZappers/F9CleanUp We will be following the process here: http://fedoraproject.org/wiki/BugZappers/HouseKeeping to ensure this doesn't happen again. And if you'd like to join the bug triage team to help make things better, check out http://fedoraproject.org/wiki/BugZappers
This bug is open for a Fedora version that is no longer maintained and will not be fixed by Fedora. Therefore we are closing this bug. If you can reproduce this bug against a currently maintained version of Fedora please feel free to reopen thus bug against that version. Thank you for reporting this bug and we are sorry it could not be fixed.