Date: Thu, 4 Jan 2001 14:51:47 +0200 From: Stefan KORONKA <KoronkaS@interscope.ro> To: 'Rahul Siddharthan' <rsidd@physics.iisc.ernet.in> Cc: "'chat@freebsd.org'" <chat@freebsd.org> Subject: RE: desktops and mounting Message-ID: <D08F9E2FE307D411857300104B34F1A202DB45@URANUS>
next in thread | raw e-mail | index | archive | help
> Stefan KORONKA said on Jan 4, 2001 at 14:22:53: > > > From: Rahul Siddharthan > > > > > > Recently while setting up a FreeBSD machine for desktop use, and > > > watching linux users on their machines, it seemed to me that > > > everything that can be done on linux can be done equally easily on > > > FreeBSD -- except non-root mounting of removable media > (like floppies, > > > CDROMs). You can't allow user mounts simply by adding a > "user" option > > > in /etc/fstab, and simple point-and-clicking in KDE/GNOME > doesn't work > > > either. > > > > Yes, I am one of those who don't like to su every time I > need to mount > > something. So I did the following: > > > > chmod 4555 /sbin/mount* > > chmod 4555 /sbin/umount > > > > Read the chmod man page to see what that 4 bit means. You > can do the same > > for all the utilities who need root access. In order to > improve security, > > you can something like: > > > > chgrp somegroup mount* > > chmod 4550 mount* > > > > and add your users to the "somegroup" group. > > Interesting. Now that I look and see, the mount program is already > suid on linux systems. However, won't doing this mean that > an arbitrary > user can mount/dismount any filesystem, not just the CDROM? (linux > has the "user" option in /etc/fstab which is required for non-root > mounting.) > Yes, I know. Of course, you can do only "chmod 4550 mount_cd9660", but you still need to modify the access for the umount. You better ask this on -questions; i am wondering what the answer is too - if there will be some answer. stefan To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-chat" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?D08F9E2FE307D411857300104B34F1A202DB45>