On Sat, Aug 27, 2011 at 17:43, Tom Gundersen firstname.lastname@example.org wrote:
On Sat, Aug 27, 2011 at 12:07 AM, Tom Gundersen email@example.com wrote:
I'm refactoring our support for the "storage" group, due to a recent bug report about it being incomplete: https://bugs.archlinux.org/task/22337. I thought I'd ask for some input.
I did a bit more digging and asking around, and it seems that my previous suggestion, basically to make "storage" work correctly with more devices, is not a good one.
I tried pushing the fix into udev upstream, but Kay argued against it, and even the Debian maintainer agreed that this should probably not go upstream.
Their reasoning (which I guess I agree with) is that giving users access to usb sticks (among other things) causes security probems (the user logged in over ssh can access the usb stick of the logged in user).
Furthermore, (and this I did not know) in addition to taking care of mounting, udisks has support for most of what fdisk does, so there goes the main argument in favor of giving user access to these devices.
To make a long story short; in stead of fixing the "storage" group, I intend to remove support for it from udev, and direct people to use udisks instead. If anyone have any objections, pleas let me know.
Pardon the interruption but from a former MS user and basically an end user I thought I would chime in. Auto mounting is evil and the autorun feature associated with it is worse. I think removing it from udev is an excellent idea and I laud your suggestion. It will definitely improve security and, IMHO, make things easier to setup. One only has to learn one method, preferably the "correct" method, to do something. I use the word correct because their are at least 3 right ways to do things. Your way, my way, and the next person's way. None of which may be the correct way.