[LBo] Permissions and NTFS

Anita Lewis a.lewis at linuxbasics.org
Thu Jan 3 14:37:28 CET 2008 

Troy wrote:

> 
>> drwxrwx--- 1 root plugdev 8192 2008-01-01 11:24 hda1  (NTFS)
>> drwxr-xr-x 5 troy troy    4096 2007-09-11 09:23 sda1      (Ext3)
>> drwxrwx--- 1 root plugdev 4096 2007-12-13 09:35 sda2  (NTFS)
> 
<snip>
> 
> # /etc/fstab: static file system information.

>> # /dev/hda1
>> UUID=     /media/hda1     ntfs    defaults,umask=007,gid=46 0       1
>> # /dev/sda1
>> UUID=     /media/sda1     ext3    defaults        0       2
>> # /dev/sda2
>> UUID=     /media/sda2     ntfs    defaults,umask=007,gid=46 0       1
<snip>
> From what I can determine, hda1 & sda1 (the partitions formatted NTFS) are
> assigned to a different group, and have a different umask applied.  The
> permissions are correct when umask is applied, but my question is why, by
> default, the partitions formatted NTFS are given a different umask and gid?

I'll take a stab at this.  The umask is making it so that only owner and
group have any and all privileges.  owner is root; so no problem there.
 group is plugdev which is what number 46 is.  If you look at
/etc/group, you will most likely see that troy is a member of the
plugdev group.  So, troy has full privileges as well as root.

My guess is that it is using plugdev as the group in case the media is
hotpluggable.  Some folks are using ntfs formatted usb sticks, for
example.  This covers that scenario and explains why the gid is different.

Why would it give different privileges with the umask? I think it has to
do with the default ntfs privileges.  If you were mounting vfat, there
would be no problem, because there would be no privileges set with that
filesystem.  But ntfs does set them.  I looked with cygwin at my ntfs
partition here at work and the files are set to rwx for owner.  They
need to be set for rwx for group also since a group member is going to
be dealing with them.  "other" does not need privileges; so that is set
to ---.  The default for the Linux mount is 664, I think, so if you
didn't have the umask, you would create files with the wrong permissions
for the ntfs partition.  That's my guess on that part of it.

When I use cygwin's vi to make a file, I get 644 on the file while a
file I had created with the Windows system is 700.  That means that
Everybody has permission to read that file where they can't look at the
other file.  I have broken my security by using cygwin.  Something like
that would happen if you did not use that umask with your mounting of
the ntfs filesystem, I think.  There would be no problem if you did not
write to the system, but the assumption is that you will write.  You can
try some edits and creating new files on it and see what changes happen
in the permissions on the Windows side.  Let us know.

Anita

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 250 bytes
Desc: OpenPGP digital signature
Url : http://LinuxBasics.org/pipermail/qna/attachments/20080103/fbe57c9a/attachment.pgp

More information about the QnA mailing list