Project

General

Profile

Bug #14931

Tails mounts a windows boot partition with amnesia rights

Added by goupille almost 2 years ago. Updated almost 2 years ago.

Status:
Rejected
Priority:
Normal
Assignee:
-
Category:
-
Target version:
-
Start date:
11/07/2017
Due date:
% Done:

0%

Feature Branch:
Type of work:
Research
Blueprint:
Starter:
Affected tool:

Description

a user complains that Tails is mounting the Boot partition of Windows, without asking for an administrator password.

the logs are showing this :

amnesia udisksd15824: Mounted /dev/sde2 at /media/amnesia/BootDisk-Windows10 on behalf of uid 1000

  • WhisperBack report: cfa91021a201076cbc684396d7d6d190

Related issues

Blocks Tails - Feature #13244: Core work 2017Q4: Foundations Team Resolved 06/29/2017

History

#1 Updated by goupille almost 2 years ago

I sent the complete logs to the dev

#2 Updated by intrigeri almost 2 years ago

  • Assignee changed from intrigeri to goupille
  • QA Check set to Info Needed

I suspect the internal drive is somehow recognized as a removable one and/or the partition has a GPT flag that says "please mount me!" to the OS, or something. I can't easily investigate this without more info as I have no such Windows disk around.

Any chance we can get info from this person? The output of "udisksctl dump" would be useful. It's sensitive info so better send it to me privately.

#3 Updated by intrigeri almost 2 years ago

  • Description updated (diff)

(Adding WB report ID to the description, still waiting for goupille's answer.)

#4 Updated by intrigeri almost 2 years ago

#5 Updated by intrigeri almost 2 years ago

The offending device is a 250GB drive connected via USB. And indeed, in the live-persist log I see [sde] Attached SCSI removable disk.

This explains why the user has write access to this storage device (probably because of /etc/udev/rules.d/99-make-removable-devices-user-writable.rules).

So either this drive is physically internal, i.e. inside the computer, and then this is another instance of our well-known semantics problem wrt. internal vs. external drives.

Or it's an external USB drive, and then I think Tails works as designed and intended, and if the user doesn't want their Tails to have access to such a drive, then they should unplug it.

Let's see once goupille has given me the requested info.

#6 Updated by goupille almost 2 years ago

  • Status changed from New to Rejected
  • Assignee deleted (goupille)
  • QA Check deleted (Info Needed)

no news from the user, therefore, I close this ticket.

Also available in: Atom PDF