https://bugzilla.novell.com/show_bug.cgi?id=309074#c14 --- Comment #14 from Bernhard Kaindl <bk@novell.com> 2007-09-25 09:59:12 MST --- Only as footnote:
If these problems can't be solved on the Windows side...
Some people may not even have Windows available (like me here) and nonethless may want or need to access or work with NTFS partitions. ----------------------------------------------------------------------------
I consider the automatic read-only mount of a hibernated volume and unclean journal case a security and usability risk when a user wants to mount read-write.
I do not understand to which security risk you refer here. I can only assume what you mean is that different behavior on low levels can trigger different behavior on higher levels, but the risk which I see here is that applications which mount partitions using ntfs-3g might not expect different behavior and could fail. In my option, it is something we have to deal with and it's good not to change already used interfaces. On the other hand, the amount of users of the ntfs-3g mount interface should be limited to ntfs-config and maybe a few other apps, but I think that the want or the need for having fall back to read-only is a valid feature which is implemented in other filesystems and which could therefore be also expected from the mount backend of ntfs-3g. (that does not neccearily mean /bin/ntfs-3g for me, that means "mount -t ntfs-3g").
I think user must be notified asap in these cases so he can act accordingly.
Agreed. The question is how to notify the user in such situations. Terminal users can be notified by simple text messages which are printed at mount time by ntfs-3g itself, and it can also print a message that it fell back to read-only and mount read-only. As ntfs-3g itself does not provide a GUI for mounting, it's a question how to inform a GUI of issues which are discovered while mounting. I now recognize that the GUIs may depend on ntfs-3g mount to handle these mount issues as it's done now. The next question is how to inform the user when ntfs-3g is requested to be mounted at boot when no one (either server or fully graphical boot without error messages during boot) is looking at messages and boot has to succeed or the system does not even start network. I think that this is the really inconvenient case which we must address as the system must at least boot, the reaction to not boot is likely a message which is too harsh, I think that you'll agree with me here. So what I'll do is to replace the current symlink /sbin/mount.ntfs-3g with a program which acts as a front end to ntfs-3g, and can deal with rw mount refusals by retrying to mount read-only. In future steps, it can be enhanced to check /etc/fstab for permitted user mounts (only mount.ntfs-3g is suid then and in a subsequent step, it could be enhanced to open the disk device in the required mode (RDONLY for read-only mounts), drop privileges and pass the opened file descriptor to ntfs-3g for mounting. Does this sound like a deal? I'll check that ntfs-config uses /bin/ntfs-3g when it depends on ntfs-3g to refuse the rw mount with an error so that it behaves as expected and inform the maintainer of ntfs-config if I'd have to change it. I'd offer that mount program of course also for inclusion into ntfs-3g, and I'll document it in an addition to the man page of ntfs-3g. I'll suggest it to the other distributors as well and I hope that this does not stay SUSE-specific. -- Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email ------- You are receiving this mail because: ------- You are on the CC list for the bug.