I have tweaked the permissions on /media/username from root:root to username:root [1]. I understand that a user-centric location allows user-centric permissions [2]. But why were the permissions for this folder root:root in the first place?

[1] So that I can mount encrypted folders there with Gnome EncFS Manager. For example, I can now mount an encrypted folder as /media/username/personal-documents.

[2] From "Why has Ubuntu moved the default mount points?":

The root cause for this change of default behaviour in udisks2 seems clear: the security. It is safer to restrict access to a file system to one particular user instead of giving access to it to all the users of the system.
In my case this is how things look in /media:

Basically this means that only a root user can interact with the directory. This is great for security (certainly stops other users seeing, let alone stealing/deleting/changing data) but that's not where the story ends.

You might notice the plus sign at the end of the permission mask. This means an ACL (Access Control List) is in use. This allows for far more granular permissions.

It's through the ACL that my user is allowed to view the contents of /media/oli. I'm still not allowed to edit the contents.

The thing doing the mounting in modern desktops (both Gnome and KDE) is udisks2:

As you can see, it's running there as root, so when something accesses it over DBUS, it's able to create the mount-points within /home/$USER and chown them down to your user so they can edit the contents.

None of that changes what I said originally. I'm just explaining how it works in practice. This is how something on your desktop is in effect allowed to write somewhere that is only allowed by root, and how your user is allowed to read it despite an otherwise restrictive ownership.

All that turns it into an environment that is secure for the user's data but one that also makes it hard for the user to meddle with the fabric of the mount. They can't, for example, delete the mount-point or rename it, which could cause issues, unless they have root access.

Edit: Something that just occurred to me is that it also gives an administrator a good place to mount things for a single user. The permissions by default help keep this mount private and protect this mount against the user's meddling. It seems like a fairly sane default for something that, done without the /media/$user/ directory, would need root permissions.

The Linux (and *nix) mentality in general is based on the principle of
Least amount of necessary privileges.

Usually modern Desktop Environments will mount your devices under /media/username/devicepartitionname. This means that for the device to be usable you only need to own the devicepartitionname folder and anything below it. This means that your folder /media/username could still be owned by root, and that would make it more secure.

Also, mounting anything on /media/username is a bad idea, as that will make your DE try to mount a partition into a folder on another mounted partition, which can lead to a lot of !!FUN!! (also probable data loss).

I agree with the other answer and comments. In addition to that,
root:root is there to avoid mainly two situations.

1. Security risk: a hacker script which dumps /dev/zero to /media/user/, which fills the root partition and hence makes you unable to log in or gives bad performance.

2. Conflict with udisks2: assume a partition with label backup. udisks2 mounts it at /media/user/backup. The user manually created the above directory, which will force udisks2 to change the mount point to something like /media/user/backup1, thus misleading backup scripts etc.
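The two layout problems raised in the last two answers, a filesystem mounted on /media/username itself (or nested inside another mount there) and a udisks2 mount pushed to a numbered fallback name because a stale directory already occupied the expected one, can both be spotted from /proc/self/mountinfo. The script below is an added example, not code from any of the answers or from udisks2. The mountinfo lines, the user name alice and the set of existing directory names are constructed sample data; the fallback-name rule (a mount whose name ends in digits while its unnumbered sibling exists on disk but is not mounted) is a heuristic assumption for this example, not udisks2's documented behaviour.

```python
"""Audit the /media/<user> mount layout from mountinfo data.

Added example for this page; not part of udisks2 or of any answer.
Assumes input in /proc/self/mountinfo format and takes the names of the
directories present under /media/<user> as a parameter (in real use,
os.listdir(base); here a constructed set).
"""
import re
from typing import Dict, List, Set

# Constructed sample in /proc/self/mountinfo format (not a real machine):
# backup1 is a udisks2-style fallback name, photos/old is a nested mount.
SAMPLE_MOUNTINFO = """\
22 1 8:1 / / rw,relatime shared:1 - ext4 /dev/sda1 rw,errors=remount-ro
50 22 8:17 / /media/alice/backup1 rw,nosuid,nodev,relatime shared:30 - ext4 /dev/sdb1 rw
51 22 8:33 / /media/alice/photos rw,nosuid,nodev,relatime shared:31 - vfat /dev/sdc1 rw,fmask=0022
52 51 8:49 / /media/alice/photos/old rw,relatime shared:32 - ext4 /dev/sdd1 rw
"""
# Constructed directory listing of /media/alice: "backup" is a stale,
# manually created directory that is not a mount point.
SAMPLE_DIRS = {"backup", "backup1", "photos"}


def _unescape(field: str) -> str:
    """mountinfo encodes space, tab, newline and backslash as \\ooo octal escapes."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def parse_mountinfo(text: str) -> List[Dict[str, str]]:
    """Parse mountinfo lines into dicts: id, parent, mountpoint, fstype, source."""
    mounts = []
    for line in text.splitlines():
        if not line.strip():
            continue
        # Optional fields of variable count sit before a lone "-" separator.
        head, sep, tail = line.partition(" - ")
        if not sep:
            raise ValueError(f"malformed mountinfo line: {line!r}")
        head_fields = head.split()
        tail_fields = tail.split()
        mounts.append({
            "id": head_fields[0],
            "parent": head_fields[1],
            "mountpoint": _unescape(head_fields[4]),
            "fstype": tail_fields[0],
            "source": tail_fields[1],
        })
    return mounts


def audit_media(mounts: List[Dict[str, str]], user: str,
                existing_dirs: Set[str]) -> List[str]:
    """Return human-readable findings for the /media/<user> layout."""
    base = f"/media/{user}"
    by_mp = {m["mountpoint"]: m for m in mounts}
    findings = []

    # Failure mode 1: /media/<user> is itself a mount (second answer).
    if base in by_mp:
        findings.append(
            f"{base} is itself a mount point ({by_mp[base]['source']}): "
            "device mount points would be created on that filesystem, "
            "not on the root filesystem")

    for mp in sorted(by_mp):
        if not mp.startswith(base + "/"):
            continue
        rel = mp[len(base) + 1:]
        # Failure mode 1b: a mount nested inside another mount under base.
        if "/" in rel:
            findings.append(f"{mp} is mounted inside another mount under {base}")
            continue
        # Failure mode 2 (heuristic assumption): numbered fallback name whose
        # unnumbered sibling exists on disk but is not a mount point.
        match = re.fullmatch(r"(.*\D)(\d+)", rel)
        if match:
            plain = match.group(1)
            if plain in existing_dirs and f"{base}/{plain}" not in by_mp:
                findings.append(
                    f"{mp} looks like a udisks2 fallback name: {base}/{plain} "
                    "exists but is not a mount point (stale directory?)")
    return findings


def demo() -> List[str]:
    """Run the audit over the constructed sample for user alice."""
    return audit_media(parse_mountinfo(SAMPLE_MOUNTINFO), "alice", SAMPLE_DIRS)


if __name__ == "__main__":
    for finding in demo():
        print(finding)
```

On a real system, read /proc/self/mountinfo and pass `set(os.listdir(f"/media/{user}"))`; the same audit then flags a stale backup directory shadowing a backup1 mount, or a mount stacked on /media/username, before a backup script trips over it.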