Re: SanDisk USB stick problem [solved]

2020-12-10 Thread Andrei POPESCU 
On Mi, 09 dec 20, 19:47:14, Joe wrote:
> 
> I believe a mount point will always be owned by root, regardless of the
> permissions of the underlying directory, 

Nitpick: in the relevant documentation a "mount point" is the underlying 
directory.

You're probably referring to the filesystem's root directory. Its 
permissions are managed the same as any other directory for "native" 
filesystems (ext*, xfs, etc.) and via mount options for FAT and NTFS.

Kind regards,
Andrei
-- 
http://wiki.debian.org/FAQsFromDebianUser


signature.asc
Description: PGP signature

Re: SanDisk USB stick problem [solved]

2020-12-09 Thread Greg Wooledge 
On Wed, Dec 09, 2020 at 07:47:14PM +, Joe wrote:
> I believe a mount point will always be owned by root, regardless of the
> permissions of the underlying directory, because only root is allowed
> to mount things.

unicorn:~$ mkdir mtpt
unicorn:~$ ls -ld mtpt
drwxr-xr-x 2 greg greg 4096 Dec  9 15:22 mtpt/
unicorn:~$ sshfs remote: mtpt
unicorn:~$ ls -ld mtpt
drwxr-xr-x 1 greg greg 4096 Dec  6 23:09 mtpt/

FUSE changes a few things.

Re: SanDisk USB stick problem [solved]

2020-12-09 Thread Joe 
On Wed, 9 Dec 2020 12:22:28 -0700
Fred  wrote:


> When I was denied permission to write a file to the device as a
> regular user I checked the permissions and then discovered root could
> not change them.  Being a hardware oriented person I was concerned
> the SecureAccess software needed to change a write protect bit in the
> device and decided to ask for help.  I should have tried writing to
> the device as root but being very busy I didn't.  It is writable by
> root and anyone can read it so there is no problem.

I believe a mount point will always be owned by root, regardless of the
permissions of the underlying directory, because only root is allowed
to mount things. The device mounted on the mount point will normally be
owned by the logged-in user, unless /etc/fstab contains instructions to
the contrary. A device mounted while no user is logged in will be owned
by root (again, subject to fstab), something that usually happens if an
external drive has been left attached after shutting down. 

It's generally a bad idea to boot with an external medium attached,
unless it's bootable and you explicitly want to boot it. If it isn't
bootable, it will either be mounted as root (which may not prevent
other users writing to it) or the BIOS may hang.

-- 
Joe

Re: SanDisk USB stick problem [solved]

2020-12-09 Thread Fred 

On 12/8/20 9:39 PM, David Christensen wrote:

On 2020-12-08 07:29, Fred wrote:

Hello,

I bought a SanDisk Cruzer Glide USB stick.  The fine print on the 
package says it has SecureAccess software.  It is so secure it 
prevents me from writing to it without running the included Bill Gates 
cancerous, virus infested, scourge of the Earth software.


fred@ragnok:/media/usb0$ ls -l
total 8416
drwxr-xr-x 2 root root   16384 Jul  9  2018 SanDiskSecureAccess
-rwxr-xr-x 1 root root 8600360 Nov  4  2016 
SanDiskSecureAccessV3.01_win.exe

fred@ragnok:/media/usb0$


I have many SanDisk USB flash drives, including several Cruzer Glide. 
They typically have an MBR partition scheme and one large VFAT or NTFS 
partition.



"SanDisk Secure Access" is optional Windows encryption software that is 
bundled with SanDisk USB flash drives.  Use it, ignore it, or delete it 
as you please; the software is not required to use the drive on any 
computer that supports the factory partitioning scheme and filesystem.


When I was denied permission to write a file to the device as a regular 
user I checked the permissions and then discovered root could not change 
them.  Being a hardware oriented person I was concerned the SecureAccess 
software needed to change a write protect bit in the device and decided 
to ask for help.  I should have tried writing to the device as root but 
being very busy I didn't.  It is writable by root and anyone can read it 
so there is no problem.



root@ragnok:/home/fred# chown fred /media/usb0
chown: changing ownership of '/media/usb0': Operation not permitted

Attempts to add write permission are also denied.


As you have not stated how you mounted the drive, I will assume that you 
plugged it in, an icon appeared on the desktop, you interacted with the 
icon, and the drive was mounted at /media/usb0.  If so, AIUI the various 
Debian desktops with automounting use FUSE.  The user account running 
the desktop and automounter will have whatever access controls that are 
supported by the filesystem and/or by FUSE.  But all other user 
accounts, including the root account (!), are denied access to the 
filesystem.  This is a security feature of FUSE.  See mount.fuse(8).


I do not use a DE.  Just openbox and xterm/command line.  Something 
automagically mounts USB devices.  Fuse is installed so maybe that is it.





Is there any way to disable or remove the SecureAccess software?


If you want to use the flash drive to move files between DOS, Windows, 
Linux, macOS, BSD, etc., leave the factory partitioning scheme and 
filesystem intact.  Use the desktop to mount and unmount the filesystem 
on the flash drive.  Use the file manager or a normal, non-root, 
terminal to delete or move aside the "Secure Access" stuff.



If you want to use the drive for some other purpose, such as burning a 
Debian Installer ISO image onto it, do not mount the drive using the 
desktop.  (You may have to disable the desktop automounting feature). 
Instead, open a terminal and use sudo(8) or su(1) to work with the drive.



David


Thanks for the help.
Best regards,
Fred