Andrei POPESCU wrote: > Brian wrote: > > Renaud OLGIATI wrote: > > > I plug in a USB pen drive, and launch dd to copy an iso image. > > > > > > # dd bs=4M if=debian-live-7.6.0-amd64-rescue.iso of=/dev/sdi && sync > > > > Thee is no need to be root to copy the ISO. > > Of course there is no need to be root to copy an ISO file "around", but > permission to write directly to the raw device is equivalent to root, so > naturally this is not included in the permissions of "normal" users. > > $ ls -l /dev/sda > brw-rw---- 1 root disk 8, 0 dec 20 23:16 /dev/sda
But removable media is mounted as part of the "floppy" group not the "disk" group. $ ls -l /dev/sd? brw-rw---T 1 root disk 8, 0 Dec 9 13:24 /dev/sda brw-rw---T 1 root disk 8, 16 Dec 9 13:24 /dev/sdb brw-rw---T 1 root floppy 8, 32 Dec 9 13:24 /dev/sdc Here /dev/sdc is a usb storage device and it gets set up with the floppy group. The console user is also set up with the floppy group too. Assuming one of libpam, consolekit, systemd-login0 and so forth. Therefore the console user doesn't need to be root. They can write to the write to it directly. > From /usr/share/doc/base-passwd/users-and-groups.txt.gz > disk > Raw access to disks. Mostly equivalent to root access. True for non-removable media. Since it was declared to be a USB pen drive we can assume it will be in the floppy group. And this was confirmed by the poster in another message: Renaud OLGIATI wrote: > # ls -l /dev/sdi > brw-rw---T 1 root floppy 8, 128 Dec 19 07:59 /dev/sdi Bob
signature.asc
Description: Digital signature
