[Discuss] USB thumbdrive, Linux only usage: FAT vs NTFS vs other? TRIM support?

Derek Martin invalid at pizzashack.org
Thu Feb 28 11:45:55 EST 2013


On Thu, Feb 28, 2013 at 09:49:52AM -0500, John Abreau wrote:
> find '/path/to/thumb drive' -xdev -type f -exec chmod 666 '{}' ';'
> find '/path/to/thumb drive' -xdev -type d -exec chmod 777 '{}' ';'
> 
> Doesn't look all that tedious to me. 

You'll have to do that every time you add files to it...  Seems pretty
tedious to me... especially if you use it a lot.

> On Feb 27, 2013, at 6:45 PM, Derek Martin <invalid at pizzashack.org> wrote:
> 
> > On Tue, Feb 26, 2013 at 07:08:14PM -0500, Matthew Gillen wrote:
> >> On 2/25/2013 10:19 PM, Tom Metro wrote:
> >>> Matthew Gillen wrote:
> >>>> Create a single directory in the root of the thumb drive, and give that
> >>>> world-write and group-write, then give it set-group-ID bit ('chmod g+s
> >>>> dirname').
> >>>> 
> >>>> Every file created will inherit the group-id of the original directory...
> >>> 
> >>> How does that help if the numeric GIDs vary from machine to machine?
> >> 
> >> It doesn't matter.  The files (even new ones you're attempting to write)
> >> always inherit the GID of the parent dir. It's just an integer.  True,
> >> it won't map to a readable name on some systems (or map to a different
> >> name), but the display name of the group doesn't matter, and won't stop
> >> you from reading and writing.  The permission system is based on the
> >> integer values.
> > 
> > You're missing the problem.  
> > 
> > You create the drive on your home Linux system.  On that system,
> > your UID and GID match, and are 500.  You create your SGID, world-
> > readable/writable directory.  You write files into it.
> > 
> > Now you want to use it on your work desktop, which is managed by your
> > IT department, and your UID is 8365, GID is 1020.  
> > 
> > Unless you also make all your FILES world readable and world writable
> > when you write them to the USB drive, you will not be able to read or
> > write those files when you plug it into your work desktop.
> > 
> > This WILL WORK, but in general this is bad practice, and may even be
> > against your company's security policy.  You'll either need to change
> > your umask when you want to use the drive, and change it back when you
> > switch back to using your machine's internal disk, which you'll no
> > doubt forget to do very frequently, OR, you can tediously manually
> > change the permissions on all the files you write to your thumb drive.
> > Blech.  Not to mention the fact that if you're using an application to
> > write the file, it may not even allow you to write files with 0666
> > permissions in the first place.  [Some security-conscious internet
> > client programs don't allow this, for instance.]  So even if you
> > change your umask, you'll still have to check to see that the access
> > is fully permissive.
> > 
> > What you're suggesting is doable; but it is either horribly tedious,
> > or ignores good security practices.  Or both.  Granted, anyone who
> > gets physical access to your thumb drive has all your files (unless
> > you encrypt it), so that's not a real issue...  But in order to cope
> > with this scheme without a painful degree of tedium, you have to put
> > yourself in the habit of ignoring security considerations.  That's a
> > bad habit to be in, and in some extreme cases could even get you fired
> > (though admittedly, that's very unlikely for most of us).
> > 
> > -- 
> > Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
> > -=-=-=-=-
> > This message is posted from an invalid address.  Replying to it will result in
> > undeliverable mail due to spam prevention.  Sorry for the inconvenience.
> > 
> > _______________________________________________
> > Discuss mailing list
> > Discuss at blu.org
> > http://lists.blu.org/mailman/listinfo/discuss

-- 
Derek D. Martin    http://www.pizzashack.org/   GPG Key ID: 0xDFBEAD02
-=-=-=-=-
This message is posted from an invalid address.  Replying to it will result in
undeliverable mail due to spam prevention.  Sorry for the inconvenience.
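
The access check this thread turns on, as an added example that is not part of the original message: it models the owner/group/other class selection and walks a mounted drive to list what a different UID/GID could not use. The function names are assumptions made here, the IDs 500, 8365 and 1020 are the ones quoted above, and root and ACLs are not modeled.

```python
import os
import stat


def allowed_bits(mode, file_uid, file_gid, uid, gids):
    """Return the rwx bits (0-7) that apply to this identity.

    Exactly one class is consulted: owner, else group, else other.
    Root (uid 0) and ACLs are outside this model.
    """
    if uid == file_uid:
        return (mode >> 6) & 7
    if file_gid in gids:
        return (mode >> 3) & 7
    return mode & 7


def inaccessible(root, uid, gids):
    """List (path, octal mode) under root that uid/gids cannot fully use.

    Files need read+write; directories need read+write+search.
    """
    problems = []
    for dirpath, _dirs, files in os.walk(root):
        for path in [dirpath] + [os.path.join(dirpath, f) for f in files]:
            st = os.lstat(path)
            if stat.S_ISLNK(st.st_mode):
                continue  # symlink modes are not used for access checks
            need = 7 if stat.S_ISDIR(st.st_mode) else 6
            bits = allowed_bits(st.st_mode, st.st_uid, st.st_gid, uid, gids)
            if bits & need != need:
                problems.append((path, oct(stat.S_IMODE(st.st_mode))))
    return problems


if __name__ == "__main__":
    # IDs from the thread: written at home as 500:500, used at work as 8365:1020.
    for mode in (0o644, 0o664, 0o666):
        ok = allowed_bits(mode, 500, 500, 8365, {1020}) & 6 == 6
        print(f"{oct(mode)} owned 500:500 -> read/write at work: {ok}")
    # Audit a real mount point for a foreign identity (the path is a placeholder):
    # print(inaccessible("/path/to/thumb drive", 8365, {1020}))
```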
