Bug #14931
Tails mounts a windows boot partition with amnesia rights
0%
Description
a user complains that Tails is mounting the Boot partition of Windows, without asking for an administrator password.
the logs are showing this :
amnesia udisksd[15824]: Mounted /dev/sde2 at /media/amnesia/BootDisk-Windows10 on behalf of uid 1000
- WhisperBack report: cfa91021a201076cbc684396d7d6d190
Subtasks
Related issues
Blocks Tails - |
Resolved | 2017-06-29 |
History
#1 Updated by goupille 2017-11-07 15:22:36
I sent the complete logs to the dev
#2 Updated by intrigeri 2017-11-07 15:27:52
- Assignee changed from intrigeri to goupille
- QA Check set to Info Needed
I suspect the internal drive is somehow recognized as a removable one and/or the partition has a GPT flag that says “please mount me!” to the OS, or something. I can’t easily investigate this without more info as I have no such Windows disk around.
Any chance we can get info from this person? The output of “udisksctl dump” would be useful. It’s sensitive info so better send it to me privately.
#3 Updated by intrigeri 2017-11-11 13:34:13
- Description updated
(Adding WB report ID to the description, still waiting for goupille’s answer.)
#4 Updated by intrigeri 2017-11-11 13:35:21
- blocks
Feature #13244: Core work 2017Q4: Foundations Team added
#5 Updated by intrigeri 2017-11-11 13:48:30
The offending device is a 250GB drive connected via USB. And indeed, in the live-persist
log I see [sde] Attached SCSI removable disk
.
This explains why the user has write access to this storage device (probably because of /etc/udev/rules.d/99-make-removable-devices-user-writable.rules
).
So either this drive is physically internal, i.e. inside the computer, and then this is another instance of our well-known semantics problem wrt. internal vs. external drives.
Or it’s an external USB drive, and then I think Tails works as designed and intended, and if the user doesn’t want their Tails to have access to such a drive, then they should unplug it.
Let’s see once goupille has given me the requested info.
#6 Updated by goupille 2017-12-12 11:52:14
- Status changed from New to Rejected
- Assignee deleted (
goupille) - QA Check deleted (
Info Needed)
no news from the user, therefore, I close this ticket.