From owner-freebsd-chat Thu Jan 4 4:58: 5 2001 From owner-freebsd-chat@FreeBSD.ORG Thu Jan 4 04:58:03 2001 Return-Path: Delivered-To: freebsd-chat@freebsd.org Received: from citusc.usc.edu (citusc.usc.edu [128.125.38.123]) by hub.freebsd.org (Postfix) with ESMTP id 4B3F537B400 for ; Thu, 4 Jan 2001 04:58:03 -0800 (PST) Received: (from kris@localhost) by citusc.usc.edu (8.9.3/8.9.3) id EAA06293; Thu, 4 Jan 2001 04:58:30 -0800 Date: Thu, 4 Jan 2001 04:58:30 -0800 From: Kris Kennaway To: Rahul Siddharthan Cc: chat@freebsd.org Subject: Re: desktops and mounting Message-ID: <20010104045830.A6003@citusc.usc.edu> References: <20010104115026.B10414@lpt.ens.fr> Mime-Version: 1.0 Content-Type: multipart/signed; micalg=pgp-md5; protocol="application/pgp-signature"; boundary="PEIAKu/WMn1b1Hv9" Content-Disposition: inline User-Agent: Mutt/1.2i In-Reply-To: <20010104115026.B10414@lpt.ens.fr>; from rsidd@physics.iisc.ernet.in on Thu, Jan 04, 2001 at 11:50:26AM +0100 Sender: kris@citusc.usc.edu Sender: owner-freebsd-chat@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.org --PEIAKu/WMn1b1Hv9 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline On Thu, Jan 04, 2001 at 11:50:26AM +0100, Rahul Siddharthan wrote: > Recently while setting up a FreeBSD machine for desktop use, and > watching linux users on their machines, it seemed to me that > everything that can be done on linux can be done equally easily on > FreeBSD -- except non-root mounting of removable media (like floppies, > CDROMs). You can't allow user mounts simply by adding a "user" option > in /etc/fstab, and simple point-and-clicking in KDE/GNOME doesn't work > either. There's a sysctl which allows user mounting of filesystems (vfs.usermount). And it *is* a potential security hole if your permissions aren't set right. Set the sysctl in rc.sysctl, add the file system to fstab with noauto, and then any user who passes the permissions check can mount it on demand. Kris --PEIAKu/WMn1b1Hv9 Content-Type: application/pgp-signature Content-Disposition: inline -----BEGIN PGP SIGNATURE----- Version: GnuPG v1.0.4 (GNU/Linux) Comment: For info see http://www.gnupg.org iD8DBQE6VHN1Wry0BWjoQKURAuMVAKD1wb0q/JuB4ntgdXt8D8v+tu2fmwCeP9zx FE1i19lcsRIw0Coxh2C/M3o= =ViP5 -----END PGP SIGNATURE----- --PEIAKu/WMn1b1Hv9-- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message