mount option to ignore permissions

mount option to ignore permissions

[Ihar `Philips` Filipau]

Hi!

  [ Please CC: me, I'm not subscribed. Yet. ]

  The problem have beaten me before. And now I have it again.
  Imaging external hard drive with "proper" file system (proper ==
supports posix permissions) where files were created by user A and
then it (ext. hard drive) was brought to another location/computer and
user B tried to read them. Failure. Why? Because Linux preserved
permissions on hard drive - though they are already irrelevant on
system fs is currently mounted on. And that renders literally all
files accessible only by root.

  What is needed is special mount option to tell file system (*):
   (1) to ignore permissions when file/directory is read;
   (2) when file/directory is created it receives automatically "world
writable" permissions 0666 (I cannot imaging how to simulate "user
friendly" file attribute "read-only", though it seems not relevant to
external storage anyway).

  I'm looking into the code and it seems that every file system parses
option on their own.
  Global flags (ro/rw, nodev, etc) are handled by mount(8) itself and
passed to sys_mount() as bitmask.

  How gid/uid are passed to file system? I do not see them in
parameter list to sys_mount(). Or they are handled somehow otherwise?

  Any ideas on how I can simulate such behavior and or on how to
implement such attribute would be appreciated.

P.S. chmod/chown isn't option since (1) they do not work for ro file
system and (2) doing that every time on NNNk files might quite
tiresome - every time disk is reattached.

P.P.S. BTW MacOSX has such option and it is automatically selected for
external hard drives.

P.P.P.S. That doesn't happen with most external hard drives since they
are all FAT32. I moved to ext2/hfs+ in part to avoid the recurring
nightmares of past when I have worked with FAT32 all day long. And
also ext2/hfs+ (under Linux/MacOSX) are better than FAT*. And also I
need "case sensitiveness".

-- 
Don't walk behind me, I may not lead.
Don't walk in front of me, I may not follow.
Just walk beside me and be my friend.
    -- Albert Camus (attributed to)

Re: mount option to ignore permissions

[Dave Kleikamp]

On Thu, 2007-03-08 at 23:39 +0100, Ihar `Philips` Filipau wrote:

>   The problem have beaten me before. And now I have it again.
>   Imaging external hard drive with "proper" file system (proper ==
> supports posix permissions) where files were created by user A and
> then it (ext. hard drive) was brought to another location/computer and
> user B tried to read them. Failure. Why? Because Linux preserved
> permissions on hard drive - though they are already irrelevant on
> system fs is currently mounted on. And that renders literally all
> files accessible only by root.
> 
>   What is needed is special mount option to tell file system (*):
>    (1) to ignore permissions when file/directory is read;
>    (2) when file/directory is created it receives automatically "world
> writable" permissions 0666 (I cannot imaging how to simulate "user
> friendly" file attribute "read-only", though it seems not relevant to
> external storage anyway).
> 
>   I'm looking into the code and it seems that every file system parses
> option on their own.
>   Global flags (ro/rw, nodev, etc) are handled by mount(8) itself and
> passed to sys_mount() as bitmask.
> 
>   How gid/uid are passed to file system? I do not see them in
> parameter list to sys_mount(). Or they are handled somehow otherwise?

A posix file system doesn't have a uid or gid associated with it.  These
are set based on the owner of the process creating the file or
directory.

>   Any ideas on how I can simulate such behavior and or on how to
> implement such attribute would be appreciated.

jfs does support mount options to override uid, gid, and umask for
existing files.  The reason for this is so a file system can be shared
between linux and os2, and os2 doesn't use these fields.  (I just
realized that I've never documented these flags.)

I don't know how other file systems' maintainers would feel about
supporting these flags.  I can see how it would be useful for external
hard drives.

> P.S. chmod/chown isn't option since (1) they do not work for ro file
> system and (2) doing that every time on NNNk files might quite
> tiresome - every time disk is reattached.

This is true of chown, but if you would chmod everything to 777 (or 666
for non-directories), you wouldn't have to repeat that every time you
reattach.  You could mount the drive under a directory with restricted
permissions to have some degree of security.

> P.P.S. BTW MacOSX has such option and it is automatically selected for
> external hard drives.

What are the details?  If something were to be proposed, it wouldn't
hurt to try to be consistent.

> P.P.P.S. That doesn't happen with most external hard drives since they
> are all FAT32. I moved to ext2/hfs+ in part to avoid the recurring
> nightmares of past when I have worked with FAT32 all day long. And
> also ext2/hfs+ (under Linux/MacOSX) are better than FAT*. And also I
> need "case sensitiveness".

Shaggy
-- 
David Kleikamp
IBM Linux Technology Center

Re: mount option to ignore permissions

[Shaya Potter]

Ihar `Philips` Filipau wrote:
> Hi!
> 
>  [ Please CC: me, I'm not subscribed. Yet. ]
> 
>  The problem have beaten me before. And now I have it again.
>  Imaging external hard drive with "proper" file system (proper ==
> supports posix permissions) where files were created by user A and
> then it (ext. hard drive) was brought to another location/computer and
> user B tried to read them. Failure. Why? Because Linux preserved
> permissions on hard drive - though they are already irrelevant on
> system fs is currently mounted on. And that renders literally all
> files accessible only by root.
> 
>  What is needed is special mount option to tell file system (*):
>   (1) to ignore permissions when file/directory is read;
>   (2) when file/directory is created it receives automatically "world
> writable" permissions 0666 (I cannot imaging how to simulate "user
> friendly" file attribute "read-only", though it seems not relevant to
> external storage anyway).

it's not just hard drives, I've found badly mastered video DVDs that 
have written the files to only be readable by the "owner" (UDF supports 
a normal owner,group,world semantic).  Of course they test it in windows 
which ignores those bits of the fs and everything worked fine, but if 
one tries to use it in linux, it can only be played as root.  As it's a 
DVD, one has no ability to change the permissions, and one might not 
even be able to easily extract and copy it to a new disk if its larger 
than what a DVD+-R can hold (ignoring less common DL disks for now).

My assumption is, if someone is mounting media, it should be assumed he 
owns the media, and he should be able to disable permission checking for 
that mount point if he desires.  right now there is no way to do that.