From owner-freebsd-questions  Wed Aug 11 12:22:15 1999
Delivered-To: freebsd-questions@freebsd.org
Received: from europe.std.com (europe.std.com [199.172.62.20])
	by hub.freebsd.org (Postfix) with ESMTP id CDA7D15630
	for <freebsd-questions@freebsd.org>; Wed, 11 Aug 1999 12:22:11 -0700 (PDT)
	(envelope-from lowell@world.std.com)
Received: from world.std.com (lowell@world-f.std.com [199.172.62.5])
	by europe.std.com (8.9.3/8.9.3) with SMTP id PAA17641
	for <freebsd-questions@freebsd.org>; Wed, 11 Aug 1999 15:22:03 -0400 (EDT)
Received: by world.std.com (TheWorld/Spike-2.0)
	id AA20371; Wed, 11 Aug 1999 15:22:03 -0400
To: freebsd-questions@freebsd.org
Subject: Re: users mounting filesystems
References: <Pine.BSF.4.05.9908111348200.2373-100000@gwdu60.gwdg.de> <37B18001.D2A1881@baker.ie>
From: Lowell Gilbert <lowell@world.std.com>
Date: 11 Aug 1999 15:22:03 -0400
In-Reply-To: Cillian Sharkey's message of Wed, 11 Aug 1999 14:52:01 +0100
Message-Id: <rd6hfm6rulg.fsf@world.std.com>
Lines: 34
X-Mailer: Gnus v5.5/Emacs 20.2
Sender: owner-freebsd-questions@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

Cillian Sharkey <cillian@baker.ie> writes:

> > if [ "$USER" = expert ]; then
> >   alias mount='/usr/local/bin/sudo /sbin/mount'
> >   alias umount='/usr/local/bin/sudo /sbin/umount'
> > fi
> 
> Hmm..doing this means that they have access to mount/unmount
> any filesystem they want to (plus override any options in /etc/fstab),
> which is not what I want when they only need to be able to mount a msdos
> floppy disk for example..

Not true, actually.  'sudo' has a facility in the "sudoers" file for
permitting certain users to use sudo only for certain commands.  It even
has pretty extensive alias and wildcard features built in to that
facility.  This allows you to not only limit them to mounting specific
devices, but also to mounting them nosuid -- or even noexec.  This is
very important; if you don't trust people with full access to sudo, you
probably shouldn't trust them with the ability to mount disks with suid
bits enabled either.  The Linux "user" mount option you mentioned in
your original message automatically implies nosuid and noexec.

There are also some questions about how tight control you want to keep
on how many users can do these things at once, and whether users other
than the one who issued the mount command should be able to access the
filesystem.  There are some games you can play with changing the
ownership of the mount points on login, and Andrew J. Korty had some
clever patches (in a now four-month-old PR) for doing similar things
from within the mount and umount commands.  However, these are issues of
the user's security rather than the system's, and may be less important
in many environments.

Be well.
        Lowell Gilbert


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-questions" in the body of the message