[GTALUG] Adding all users to the "disk" group: bad idea, or terrible idea?
Stewart C. Russell
scruss at gmail.com
Tue Feb 18 08:27:50 EST 2020
Hey, thanks to all who responded. I'm sticking with merely "bad idea",
as it would also give the user block-level access to everyone's secret
files. I know sudo already does this, but one has to manually clunk into
that mode. Though there are still plenty of Raspberry Pi users who 'sudo
ls', for some reason.
On 2020-02-17 7:23 p.m., Chris Tyler wrote:
> Wouldn't it be better to use SGID to enable access to disk devices only
> for the duration of that program's execution?
Author claims it's not possible. The program was written as a reaction
to finding out that balenaEtcher (https://www.balena.io/etcher/) "phones
home" with usage data. If true, this is unfortunate, because Etcher
fixes all the fiddliness of using dd as root, it's truly cross platform,
and avoids the Windows unzip bug. No-one's yet identified what exactly
Etcher phones home yet, but that hasn't stopped the heat, light and fury
of a Free Software Cause in the making …
The new program's quite usable for now (even if you have to run it sudo)
and appears to be cross-platform too. It's also a lot smaller than
Etcher, which is an Electron app.
Source repo is here: https://gitlab.com/bztsrc/usbimager
More information about the talk
mailing list