[Nix-dev] Re: [Nix-commits] SVN commit: nix - 19185 - NicolasPierron - in nixos/trunk/modules: . security
Nicolas Pierron
nicolas.b.pierron at gmail.com
Sun Jan 3 16:50:50 CET 2010
On Sun, Jan 3, 2010 at 15:42, Eelco Dolstra <e.dolstra at tudelft.nl> wrote:
> Hi,
>
> Nicolas Pierron wrote:
>
>> + security.setuidPrograms = [ "pmount" "pumount" ];
>
> Adding pmount to NixOS may not be such a good idea since NixOS already supports
> non-root mounting through HAL. For instance, in KDE 4 you can just click on a
> USB stick to mount it. This is more secure because it doesn't involve setuid
> binaries (but rather involves sending a message to HAL over the system message
> bus) and it obeys the security policies defined in PolicyKit. The only downside
> is that we don't have a command-line interface to this yet (other than
> dbus-send). Unmounting from the command line does work, because HAL provides a
> umount helper.
>
> There seem to be some scripts to do command-line mounts using HAL, e.g.
>
> http://www.datapax.com.au/apps/halmount/
>
> PS: in any case pmount shouldn't be defined in the pam_usb module because it has
> nothing to do with pam_usb (right?)
pam_usb depends directly on pmount to mount removable devices (not
all) in the /media directory. I am not sure how easy it could be to
replace pmount usage from pam_usb, but the only location seems to be
inside a C file and this does not seems hard.
I'll be happy to test any other solution which does not need a set-uid
program because I don't like the side effect that you have quoted.
--
Nicolas Pierron
http://www.linkedin.com/in/nicolasbpierron - http://nbp.name/
Andrew S. Tanenbaum - Never underestimate the bandwith of a wagon full of tapes.
More information about the nix-dev
mailing list