250106 – sys-apps/pmount should install pmount as SGID

Bug 250106 - sys-apps/pmount should install pmount as SGID

Summary: sys-apps/pmount should install pmount as SGID

Status:	RESOLVED FIXED

Alias:	None

Product:	Gentoo Linux
Classification:	Unclassified
Component:	New packages (show other bugs)
Hardware:	All Linux

Importance:	High normal (vote)
Assignee:	Freedesktop bugs

URL:
Whiteboard:
Keywords:

Depends on:
Blocks:

Reported:	2008-12-07 01:24 UTC by Adam Nielsen
Modified:	2009-02-01 01:09 UTC (History)
CC List:	0 users

See Also:
Package list:
Runtime testing required:	---

Attachments
Add an attachment (proposed patch, testcase, etc.)

Note You need to log in before you can comment on or make changes to this bug.

Description Adam Nielsen 2008-12-07 01:24:28 UTC

/usr/bin/pmount is currently installed SUID, but it also needs to be SGID in order to allow users in the "plugdev" group access to mounted devices.

If you call pmount from a script (such as a udev hotplug event) then it runs as root:root, which means only root can access the devices (unless you use --umask to grant *everyone* access.)

If pmount is installed SGID then it will use its own GID for the mount point - since /usr/bin/pmount is root:plugdev, that means any devices it mounts will be owned by root:plugdev, allowing users in the plugdev group access.

See http://osdir.com/ml/linux.ubuntu.devel.changes.edgy/2006-08/msg01391.html for details on when this functionality was added, for precisely this reason.

Comment 1 Wormo (RETIRED) gentoo-dev

2008-12-07 02:18:57 UTC

Thanks for providing clear explanation of this issue; assigning to maintainers

Comment 2 Gilles Dartiguelongue (RETIRED) gentoo-dev

2009-02-01 01:09:34 UTC

fixed in 0.9.18. Thanks for reporting.