formatting/partitioning methods in HAL
Danny Kukawka
danny.kukawka at web.de
Sun Jan 15 06:47:16 PST 2006
On Sunday 15 January 2006 15:32, Richard Hughes wrote:
> On Sun, 2006-01-15 at 15:07 +0100, Danny Kukawka wrote:
> > On Sunday 15 January 2006 06:48, Christopher Santero wrote:
[...]
> > I don't think so - for this you should need root-user rights. A user
> > should not be able to reformat (and delete data) a volume if he does not own
> > _all_ files and dirs on the volume (and IMO the same for a USB-disk). IMO
> > any other solution would never be acceptable.
>
> Why not? If the policy was made sufficiently secure by default, and
> there was a HOWTO for users to follow to make things work for their
> username, why not?
As I said above: You should only be able to format a stick if you own _all_
files on this volume. This affects all filesystems with real user/group
permissions (excluding FAT volumes and ... (unknown)).
Why should you be able to format a volume if you may not be able to delete
or access one, some or all files on the volume? This breaks all permission and
security concepts.
> Locking it down to media that is <1Gb in size, with only one partition, and
> not a hard-disk would probably cover all the things we would easily try
> to format.
No, see above, this does not depend on the size ... and if you own all
files/permissions on an external 300GB hard disk it's o.k. to format, but if
you do not own one file on a 128 MB USB-Stick formatted with ext, reiser or
xfs you should not be able to delete/format.
You must respect this part of permissions/rights ... if not you can also
directly do the MS Windows way: give all users root-rights (and I think
nobody wants that because then you can use Windows instead of Linux).
> My opinion is that a user shouldn't have to go to the root user, just to
> format a floppy or a pendrive.
Yes ... if you respect what is written above.
Cheers,
Danny
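
The ownership rule argued for in this message, written out as an added Python example (it is not part of the thread and not HAL code). The function names and the filesystem type strings are assumptions of the example; it fails closed on directories it cannot list and does not descend into other volumes mounted below the one being checked.

```python
import os
import tempfile

# Filesystems without real user/group permissions. The post names only FAT;
# these type strings are an assumption of this example.
NO_OWNERSHIP_FS = {"vfat", "msdos"}


def foreign_entries(mount_point, uid):
    """Return the paths on the volume that uid does not own or cannot list."""
    root = os.lstat(mount_point)
    foreign = set() if root.st_uid == uid else {mount_point}

    def unreadable(err):
        # Fail closed: a directory we cannot list may hide someone else's files.
        foreign.add(err.filename)

    for dirpath, dirnames, filenames in os.walk(mount_point, onerror=unreadable):
        same_volume = []
        for name in dirnames:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: judge a symlink itself, not its target
            if st.st_dev != root.st_dev:
                continue  # another volume mounted here; it is not being formatted
            same_volume.append(name)
            if st.st_uid != uid:
                foreign.add(path)
        dirnames[:] = same_volume  # do not descend into other volumes
        for name in filenames:
            path = os.path.join(dirpath, name)
            if os.lstat(path).st_uid != uid:
                foreign.add(path)
    return sorted(foreign)


def may_format(mount_point, fstype, uid):
    """Apply the rule: formatting is allowed only if uid owns every entry."""
    if fstype in NO_OWNERSHIP_FS:
        raise ValueError("ownership rule does not apply to " + fstype)
    return not foreign_entries(mount_point, uid)


if __name__ == "__main__":
    # Constructed sample: a temporary directory stands in for a mounted stick.
    with tempfile.TemporaryDirectory() as vol:
        os.mkdir(os.path.join(vol, "photos"))
        open(os.path.join(vol, "photos", "a.jpg"), "w").close()
        print(may_format(vol, "ext3", os.geteuid()))      # owner of everything
        print(may_format(vol, "ext3", os.geteuid() + 1))  # owns nothing
```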