Bug 715311 - org.freedesktop.udisks.filesystem-mount-system-internal shouldn't be allowed for wheel
Status: CLOSED NOTABUG
Product: Fedora
Classification: Fedora
Component: udisks
Version: 15
Hardware: Unspecified
OS: Unspecified
Assignee: David Zeuthen
QA Contact: Fedora Extras Quality Assurance
Reported: 2011-06-22 14:19 UTC by Andy Lutomirski
Modified: 2013-03-06 04:07 UTC (History)
Last Closed: 2011-06-22 18:02:06 UTC

Description Andy Lutomirski 2011-06-22 14:19:27 UTC
I have a bunch of system-internal devices that are intentionally not mounted.  GNOME 3 shows them more or less the same way it shows removable devices, and if I click them then *they get mounted without any prompt*.

This happens because /var/lib/polkit-1/localauthority/10-vendor.d/10-desktop-policy.pkla sets ResultActive=yes for org.freedesktop.udisks.filesystem-mount-system-internal.  That's absurd.  Mounting a system-internal device in /media is a strange thing to do and I don't think that just because I'm in the wheel group I should be able to do it without being prompted.

The other permissions in that file make some sense, because users are unlikely to do the actions by accident and get annoyed as a result.

Please just remove filesystem-mount-system-internal from the desktop policy.

Maybe in some future world when all the other udisks-using tools are smarter about system-internal devices this would make sense.

Comment 1 Bill Nottingham 2011-06-22 15:25:04 UTC
I'm not sure I agree here - the point of the wheel group is that they're the administrative user; in that case, they should be able to mount whatever filesystems. Given how wheel is used in sudo, it's not as if it's a privilege escalation.

In any case, moving to the proper component.

Comment 2 Andy Lutomirski 2011-06-22 15:35:21 UTC
sudo asks for a password (on a brand new F15 install):

$ groups
luto wheel

$ sudo echo foo
[sudo] password for luto:

I don't see why mounting internal devices should be special and not need a password.  Especially because it's easy to do by accident and it's a strange thing to do.

Comment 3 David Zeuthen 2011-06-22 18:02:06 UTC
It works this way because most people only have things like Windows or OS X on the system disk and we want people to access data on these volumes. So that's exactly why we allow users in the 'wheel' group to do this without authenticating (OTOH, users not in the 'wheel' group get to authenticate by default).

There are multiple ways to configure your system if you don't like this (and don't want to remove your user from the 'wheel' group): putting the relevant devices in /etc/fstab is one solution - configuring polkit is another.

We are not changing the defaults just because of your setup.
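
An added example, not part of the bug thread or of udisks/polkit: a small auditor for polkit local-authority `.pkla` content that reports entries granting the action from this report without a prompt. Both sample files are constructed; only the action name and `ResultActive=yes` come from the page, and the `50-local.d` override location assumes the standard local-authority directory layout.

```python
import configparser
from fnmatch import fnmatchcase

ACTION = "org.freedesktop.udisks.filesystem-mount-system-internal"

# Constructed sample modelling the vendor entry the report describes.
# Only the action name and ResultActive=yes are from the page.
VENDOR_PKLA = """
[Desktop policy (constructed)]
Identity=unix-group:wheel
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultActive=yes
"""

# Constructed local override, e.g. for a later-sorted directory such as
# /etc/polkit-1/localauthority/50-local.d/ (assumed layout), so that
# wheel members are asked to authenticate before the mount happens.
LOCAL_PKLA = """
[Prompt before mounting system-internal volumes (constructed)]
Identity=unix-group:wheel
Action=org.freedesktop.udisks.filesystem-mount-system-internal
ResultAny=auth_admin
ResultInactive=auth_admin
ResultActive=auth_admin
"""

def parse_pkla(text):
    """Return one dict per authorization entry in a .pkla file."""
    cp = configparser.ConfigParser(interpolation=None)
    cp.optionxform = str  # keep key case: Identity, Action, ResultActive
    cp.read_string(text)
    return [dict(cp[s], Section=s) for s in cp.sections()]

def passwordless_grants(text, action=ACTION):
    """List (section, identity, key) for entries allowing `action` with no prompt."""
    hits = []
    for entry in parse_pkla(text):
        # Action is a semicolon-separated list of globs.
        globs = [g for g in entry.get("Action", "").split(";") if g]
        if not any(fnmatchcase(action, g) for g in globs):
            continue
        for key in ("ResultAny", "ResultInactive", "ResultActive"):
            if entry.get(key) == "yes":
                hits.append((entry["Section"], entry.get("Identity", ""), key))
    return hits

if __name__ == "__main__":
    for name, text in (("vendor", VENDOR_PKLA), ("local", LOCAL_PKLA)):
        print(name, passwordless_grants(text))
```
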

