[Bug 595823] Re: Non-admin users can format removable media
Sorry if my comment came across as if your bug report would be totally unreasonable -- it is not. I do (personally) disagree with your reasoning, but the reason why I closed the bug is as stated in the first part of the comment: This is not a clear bug, but instead something where opinions will vary and which therefore should be better discussed at a mailing list for example. But let me also explain a bit why I think this whole issue is more fundamental than just disallowing average users to format removable media. The problem is: If you allow users to auto-mount removable media (which you might not in a company setting but which typical users certainly want), the media is mounted *under their username*. This means for example that they can delete any files on it, at least on the "root" level of the media. If the media is formatted with a filesystem like ext4 or ext3, you can have some rights management on the external disk (for most USB sticks etc., formatted with a FAT filesystem you cannot do this at all) but giving real "read only" access is not possible. Having said that: If your use-case is using an external USB drive as if it were an internal drive, the best method for not allowing unprivileged users deleting the data would be: 1) not allowing those users to auto mount external media 2) mounting this particular device via an entry in /etc/fstab (like internal hard disks) -- optionally mounting it as read- only. -- Non-admin users can format removable media https://bugs.launchpad.net/bugs/595823 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-disk-utility in ubuntu. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 595823] Re: Non-admin users can format removable media
I understand the rationale of allowing some users control of their External devices to the extent of formatting, but there is no way I know of to restrict this ability if you didn't actually want them to do it. With so many people these days storing important data on external storage devices, this mindset of treating external USB storage devices *differently* to internal storage now seems out of date to me. This mindset may have been valid from the days of floppy drives and even up until recently where USB storage was considered as a sort of second- class method of storing data, but times have changed and even though I can see this functionality as useful to the right people, having it as an unavoidable feature available to every class of Ubuntu user is just playing with fire. That is basically why I consider this a security issue, if some part of the definition of security means preventing users having the ability to permanently delete data on a system (that is not necessarily *their* data) when perhaps they should not have that ability. I'll just wait in the forums until a post pops up saying that "little Johnny formatted my 1TB external drive where we had all our kiddies movies stored on, even though I thought I created his account as a normal unprivileged user and only gave him read-only access to the files so he could just play them, please help me recover the files as they were really important to us". -- Non-admin users can format removable media https://bugs.launchpad.net/bugs/595823 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-disk-utility in ubuntu. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 595823] Re: Non-admin users can format removable media
Thank you for your suggestion. However, the changes you are requesting aren't really a bug and require more discussion, which should be done on an appropriate mailing list or forum. http://www.ubuntu.com/support/community/mailinglists might be a good start for determining which mailing list to use. Why it is worse to be able to format removable media than to just delete the data on it (which every regular user can do as well)? Or do you suggest only allowing read-only access for normal users? I think that would make things worse and lead to situations like in Windows XP (IIRC), where you had to be an administrator to burn a CD, resulting in most working with administrator rights all the time. I'm also unmarking this bug as "security" as this is an intended behavior of gnome-disk-utility. ** Changed in: gnome-disk-utility (Ubuntu) Status: New => Invalid ** This bug is no longer flagged as a security vulnerability -- Non-admin users can format removable media https://bugs.launchpad.net/bugs/595823 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-disk-utility in ubuntu. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs
[Bug 595823] Re: Non-admin users can format removable media
** Attachment added: "Dependencies.txt" http://launchpadlibrarian.net/50527495/Dependencies.txt ** Visibility changed to: Public -- Non-admin users can format removable media https://bugs.launchpad.net/bugs/595823 You received this bug notification because you are a member of Ubuntu Desktop Bugs, which is subscribed to gnome-disk-utility in ubuntu. -- desktop-bugs mailing list desktop-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/desktop-bugs