[Bug 308867] New: Windows NTFS disks not mounted
https://bugzilla.novell.com/show_bug.cgi?id=308867 Summary: Windows NTFS disks not mounted Product: openSUSE 10.3 Version: Beta 2 Platform: x86-64 OS/Version: Other Status: NEW Severity: Major Priority: P5 - None Component: Other AssignedTo: bnc-team-screening@forge.provo.novell.com ReportedBy: trofimich@gmail.com QAContact: qa@suse.de Found By: Beta-Customer Created an attachment (id=162825) --> (https://bugzilla.novell.com/attachment.cgi?id=162825) Screenshot I've installed OpenSuse 10.3 Beta 2 on disk with Windows partitions (all updates before september 8 unstalled too). I have 3 windows disks: two NTFS and one FAT32. FAT32 disk mounted without problems. Both NTFS disks shown as not mounted after SUSE loaded. I use KDE 3.5.7. When i select "Mount" from popup menu, i've got an error: "Error opening partition device: Access denied" If i enter in KDE under root, than mounting works (working with disks too slow, but this is other question). -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=308867#c1
Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=308867#c2
--- Comment #2 from Alexander Tyutik
https://bugzilla.novell.com/show_bug.cgi?id=308867#c3
--- Comment #3 from Alexander Tyutik
https://bugzilla.novell.com/show_bug.cgi?id=308867#c4
--- Comment #4 from Alexander Tyutik
https://bugzilla.novell.com/show_bug.cgi?id=308867
Cyril Hrubis
https://bugzilla.novell.com/show_bug.cgi?id=308867#c5
Thomas Fehr
https://bugzilla.novell.com/show_bug.cgi?id=308867#c6
Willem Meens
https://bugzilla.novell.com/show_bug.cgi?id=308867#c7
Daugirdas Racys
https://bugzilla.novell.com/show_bug.cgi?id=308867#c8
--- Comment #8 from Alexander Tyutik
https://bugzilla.novell.com/show_bug.cgi?id=308867#c9
--- Comment #9 from Alexander Tyutik
https://bugzilla.novell.com/show_bug.cgi?id=308867#c10
--- Comment #10 from Thomas Fehr
https://bugzilla.novell.com/show_bug.cgi?id=308867#c11
Francesco Cosoleto
https://bugzilla.novell.com/show_bug.cgi?id=308867#c12
John Jolly
https://bugzilla.novell.com/show_bug.cgi?id=308867
John Jolly
https://bugzilla.novell.com/show_bug.cgi?id=308867
Cyril Hrubis
https://bugzilla.novell.com/show_bug.cgi?id=308867
JP Rosevear
https://bugzilla.novell.com/show_bug.cgi?id=308867
Szabolcs Szakacsits
https://bugzilla.novell.com/show_bug.cgi?id=308867
User vuntz@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c15
Vincent Untz
Bernd this seems to be a problem of xtfs-3g not honoring the "users" flag in /etc/fstab.
ntfs-3g needs to be setuid root for the users flag to be honoured. Security team? -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=308867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c16
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=308867
User vuntz@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c17
Vincent Untz
https://bugzilla.novell.com/show_bug.cgi?id=308867
User szaka@ntfs-3g.org added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c18
--- Comment #18 from Szabolcs Szakacsits
https://bugzilla.novell.com/show_bug.cgi?id=308867
User aj@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c19
Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=308867
User aj@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c20
Andreas Jaeger
https://bugzilla.novell.com/show_bug.cgi?id=308867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c21
Ludwig Nussel
https://bugzilla.novell.com/show_bug.cgi?id=308867
Arvin Schnell
https://bugzilla.novell.com/show_bug.cgi?id=308867
User szaka@ntfs-3g.org added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c22
--- Comment #22 from Szabolcs Szakacsits
https://bugzilla.novell.com/show_bug.cgi?id=308867
User lnussel@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c23
--- Comment #23 from Ludwig Nussel
A Fedora user noticed that if ntfs-3g and everything else is configured the documented way for unprivileged mounts to mount NTFS volumes then users can indeed mount unprivileged any NTFS volume. This was the intended behavior by design for those who needed this feature by explicit configuration (not default) but the user believed it is a security problem. [...] During the same time Ludwig Nussel from SUSE has found an unrelated, real local root exploit (much higher severity). This was never disclosed to the public but the incorrect security advisory is used today as a proxy. The CVE is still not analysed/confirmed.
You are right. I've dug up the discussions in the mail archive. Indeed CVE-2007-5376 has been assigned to problem I discovered and the plan was to reject CVE-2007-5159. This never actually happened though. Feel free to tell mitre (cve@mitre.org) to correct their descriptions.
Please note, the above doesn't mean setuid-root use would be encouraged by NTFS-3G. Actually just the opposite.
Good to hear :-)
The user/user fstab option issue could be fixed if mount(8) called the mount.ntfs-3g mount helper privileged. Otherwise setuid-root ntfs-3g is required.
Yeah, other mount helpers would benefit from that too. One can't just change the semantics for current helpers though so one would need a directory where helpers with new sematics can be installed. Upstream is not opposed to this idea IIRC. There just is noone pushing an actual implementation. There are also efforts from the kernel side to allow pure user mounts without privileges. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=308867
User szaka@ntfs-3g.org added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c24
--- Comment #24 from Szabolcs Szakacsits
Yeah, other mount helpers would benefit from that too. One can't just change the semantics for current helpers though so one would need a directory where helpers with new sematics can be installed. Upstream is not opposed to this idea IIRC. There just is noone pushing an actual implementation.
Last year I suggested a different mount helper name convention, e.g. /sbin/mount_<FS> (which is not really ok because it interferes with other OSes which do use '_' as [u]mount the '.'). I'm afraid a new directory would complicate things. Perhaps something like /sbin/root_mount.<FS>, /sbin/rmount.<FS>, /sbin/privileged_mount.<FS>, /sbin/prvmount.<FS>, ....?
There are also efforts from the kernel side to allow pure user mounts without privileges.
Afaik, Miklos is ready with it. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.
https://bugzilla.novell.com/show_bug.cgi?id=308867
User aschnell@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=308867#c25
Arvin Schnell
participants (1)
-
bugzilla_noreply@novell.com