How might it be possible to rig a system such that some removable media, like a USB stick, can be mounted by a user without any need for root privileges, and yet be made private for that user? I’m thinking of some multiuser situation, like a school or library, where there are many terminals. I sit down at a terminal, plug in my USB stick, mount it, without needing any privileges, have full access to it, and yet it is completely private to me. I know I can gain privacy my mounting the stick in my home directory, but I’d need root privileges to make the mount. In fstab I can use the ‘user,noauto’ option, which lets me, or anyone else, mount, OTOH, then, once mounted, the sick is visible to anyone. Is there some way of making the device itself private? chmod’ing the contents is not sufficient since other users can still do things like write new files. I think this should be doable but I’m damned if I can figure it out.
Share
This issue does not lie in the removable media, but rather in the filesystem. The FAT filesystem does not support individual access control.
You can solve your problem by defining default access rights in your fstab. From the manpage:
So, e.g. “user,noauto,umask=077” should take all rights away from anybody else then the user performing the mount. Note that this is already the default dmask on most systems! Maybe something is wrong with your setup.