Date: Sat, 21 Apr 2001 20:04:43 +0200 (CEST) From: Paul Herman <pherman@frenchfries.net> To: <freebsd-current@FreeBSD.ORG> Subject: Re: /bin/df set-gid operator Message-ID: <Pine.BSF.4.33.0104211956290.88695-100000@husten.security.at12.de> In-Reply-To: <200104211745.TAA13326@lurza.secnetix.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, 21 Apr 2001, Oliver Fromme wrote:
> Paul Herman <pherman@frenchfries.net> wrote:
> > On Sat, 21 Apr 2001, Oliver Fromme wrote:
> > > I'm wondering why /bin/df is set-gid to the operator group
> > > by default.
> >
> > It's to df filesystems that aren't mounted. Try "df /dev/ad0s1a" (or
> > whatever) as user nobody with chmod 555 /bin/df.
>
> Ah, thanks for clueing me. :-)
> I didn't know that unprivileged users are supposed to be
> allowed to use df on non-mounted filesystems.
>
> I think I'll keep it at mode 555 on my machines.
This brings up a slightly related question: Now that "cooked" block
devices have been abolished, wouldn't it be a good idea to get rid of
the quick mount(2)/umount(2) of /tmp/df.XXXXXX to stat the file
system? Something like the following patch.
Not that it should ever get called anyway...
-Paul.
Index: df.c
===================================================================
RCS file: /home/ncvs/src/bin/df/df.c,v
retrieving revision 1.23.2.1
diff -u -r1.23.2.1 df.c
--- df.c 2000/06/13 03:19:40 1.23.2.1
+++ df.c 2001/04/21 18:02:18
@@ -208,40 +208,6 @@
} else if ((stbuf.st_mode & S_IFMT) == S_IFCHR) {
rv = ufs_df(*argv, maxwidth) || rv;
continue;
- } else if ((stbuf.st_mode & S_IFMT) == S_IFBLK) {
- if ((mntpt = getmntpt(*argv)) == 0) {
- mdev.fspec = *argv;
- mntpath = strdup("/tmp/df.XXXXXX");
- if (mntpath == NULL) {
- warn("strdup failed");
- rv = 1;
- continue;
- }
- mntpt = mkdtemp(mntpath);
- if (mntpt == NULL) {
- warn("mkdtemp(\"%s\") failed", mntpath);
- rv = 1;
- free(mntpath);
- continue;
- }
- if (mount("ufs", mntpt, MNT_RDONLY,
- &mdev) != 0) {
- rv = ufs_df(*argv, maxwidth) || rv;
- (void)rmdir(mntpt);
- free(mntpath);
- continue;
- } else if (statfs(mntpt, &statfsbuf) == 0) {
- statfsbuf.f_mntonname[0] = '\0';
- prtstat(&statfsbuf, maxwidth);
- } else {
- warn("%s", *argv);
- rv = 1;
- }
- (void)unmount(mntpt, 0);
- (void)rmdir(mntpt);
- free(mntpath);
- continue;
- }
} else
mntpt = *argv;
/*
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.33.0104211956290.88695-100000>