Re: usb write permissions

From: James Gribbin <Jim@JimGribbin.com>
Date: Mon Oct 31 2005 - 23:01:56 AKST

On Sun, 2005-10-30 at 23:31 -0800, James Gribbin wrote:
> Someone, I don't remember who, was haveing problems writeing to USB
> drives as user. I dicovered that I was haveing the same problem and
> looked into it. I think I've got it figured out.
>
> My original fstab contained a line like this:
>
> usbfs /proc/bus/usb usbfs noauto 0 0
>
> I changed to look like this:
>
> usbfs /proc/bus/usb usbfs noauto,gid=100,umask=002 0 0
>
> This causes usb drives to be mounted root:users with permissions of 775.
>
> You will need to make certain you belong to the group "users", I though
> all distos set up users to belong to that group, but I found out I
> didn't belong. Don't know if it was a fluke of NLD or I accidentally
> messed with it, but check anyway.
>
> Jim Gribbin
>
>
> ---------
> To unsubscribe, send email to <aklug-request@aklug.org>
> with 'unsubscribe' in the message body.
>
Somebody once mentioned thats it's concidered bad form to reply to your
own post, but what the hey!!

I had originally asked about this on a SuSE forum. When I turned down
their solution of after mounting the USB disk to bring up a terminal
window and manually setting the owner and permeissions, I was informed
that they concidered my solution a security risk.

In some ways I can see their point. They seem to feel that anything less
than manually doing this each time so that you know what it is,
shouldn't be done.

I'm not willing to go all the way back to manual, but in deference to
them; I have changed the gid (group ID) from 100 (users) to 6 (disk) and
set noexec. This way for someone to write data to USB offline storage,
the user has to have been previously authorized. Of cource since I am
the only user and the admin, this is something of a moot point.

Jim

---------
To unsubscribe, send email to <aklug-request@aklug.org>
with 'unsubscribe' in the message body.
Received on Tue Nov 1 00:09:15 2005

This archive was generated by hypermail 2.1.8 : Tue Nov 01 2005 - 00:09:15 AKST