3

I currently started using a Debian 9 server for my day-to-day tests.

Because most of the time the system ends destroyed in my hands, I was thinking about doing a backup of my fstab and smb.conf on a public GitHub repo and use them on my system after a system fix or reinstall.

Those files are used to mount the partitions (fstab) and create network shares with samba (smb.confg). Most of the time they contain a way to identify the HDD/SSD/RAID even if is plugged on another PC by using the UUID of the drive.

  • Is safe to share the UUID of my local drives?
  • If the UUID is shared, what can a random user do with it?
  • What precautions should I take with the UUID of my drives?
Lemon
  • 133
  • 7
  • Theoretically, if I don't edit the partitions the UUID will not change. Also the backups will be used only on that PC. – Lemon Mar 29 '18 at 01:00
  • Wait, are you talking about a UUID collision (two partitions sharing the same ID), or literally _sharing_ it, like letting someone else know what your partition's UUID is? – forest Mar 29 '18 at 01:01
  • I want to create a GitHub repository with that files so I can restore the mount points/samba shares after a system repair/reinstall. The files are used to mount existing partitions and not to set them on other drives. – Lemon Mar 29 '18 at 01:03
  • Because I'm going to create a Public GitHub repository, they will be on the Internet and everyone will be able to see them. – Lemon Mar 29 '18 at 01:07
  • Yep, you understood correctly – Lemon Mar 29 '18 at 01:28
  • 1
    You could also set up a private repository if you are concerned about things like this. – multithr3at3d Mar 29 '18 at 01:29
  • I wanted to know if UUIDs on drives are "sensitive information", so I can make a decision between Sharing or Not Sharing. Also the machine is just for random projects so there is no important information on it. – Lemon Mar 29 '18 at 01:34

1 Answers1

5

I am assuming you are asking whether or not a partition UUID is sensitive information.

A UUID is a random value assigned to the partition of a drive. It is used to reference the drive without needing to know its current location (for example, /dev/sdc3). All knowing a UUID allows someone to do is to reference the partition by that UUID instead of a path. The only requirement is that each one is unique, otherwise utilities that rely on this as an identifier may malfunction. The value is generated randomly and contains no personal or sensitive information. As such, it should be completely safe to disclose the UUID of any partition to any other party.

Knowing a UUID will only allow a local user to find the location of the partition:

# findfs UUID=53cdad3b-4b01-4a6c-a099-be1cdf1acf6d
/dev/sdc3

This information is not secret anyway. A local user can obtain the UUID of any partition:

# blkid /dev/sdc3
/dev/sdc3: UUID="53cdad3b-4b01-4a6c-a099-be1cdf1acf6d" TYPE="ext4"
forest
  • 64,616
  • 20
  • 206
  • 257