Re: [PLUG] Letting non-root mount floppy/cdrom

Kyle Burton on Wed, 9 Feb 2000 11:24:56 -0500 (EST)

[Date Prev] [Date Next] [Thread Prev] [Thread Next] [Date Index] [Thread Index]

Re: [PLUG] Letting non-root mount floppy/cdrom

From: Kyle Burton <mortis@voicenet.com>

To: plug@lists.nothinbut.net

Subject: Re: [PLUG] Letting non-root mount floppy/cdrom

Date: Wed, 9 Feb 2000 11:24:45 -0500 (EST)

Reply-to: plug@lists.nothinbut.net

Sender: plug-admin@lists.nothinbut.net

In your fstab, append 'user' to the list of options -- you shoul probably do a 'nosuid' if you're going to do a 'user' on the list of options: Setting your floppy with these options should allow a user to mount a floopy and not be root: /dev/fd0 /mnt/floppy vfat noauto,nosuid,user 0 0 I typicaly do the same thing for the cdrom: /dev/cdrom /mnt/cdrom iso9660 noauto,nosuid,ro,user 0 0 in these, noauto means don't mount the file system when 'mount -a' is issued (i.e. at boot time), nosuid menans don't allow suid binaries on the mounted file system -- allowing suid is a serious security issue, especially on removeable media. user means allow normal users to mount and unmount the filesystem. This is all in the fstab and mount manpages. k ------------------------------------------------------------------------------ "Success covers a multitude of blunders." -- George Bernard Shaw mortis@voicenet.com http://www.voicenet.com/~mortis ------------------------------------------------------------------------------ On Wed, 9 Feb 2000, Michael C. Toren wrote: > > We recently got two new machines to run solely linux (woohoo!) down here in > > the comp. sci. dept at St. Joe's. I want to be able to give non-root users > > the ability to mount/umount cdroms and floppies and also powerdown. I thought > > the easiest way to do this was to put a script owned by root in /usr/local/bin > > to do 'mount /dev/fd0 /mnt/floppy -t vfat' or whatever, then 'chmod +s' it, > > but that doesn't seem to be working. Any suggestions ? > > Shell scripts cannot be suid. One way around this would be to write a > simple C wrapper, which checks to see if the caller's UID matches those > found in a compile-time specified list, and then exec's mount. > > -mct > > ______________________________________________________________________ > Philadelphia Linux Users Group - http://plug.nothinbut.net > Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce > General Discussion - http://lists.nothinbut.net/mail/listinfo/plug > > ______________________________________________________________________ Philadelphia Linux Users Group - http://plug.nothinbut.net Announcements - http://lists.nothinbut.net/mail/listinfo/plug-announce General Discussion - http://lists.nothinbut.net/mail/listinfo/plug

Follow-Ups:

Re: [PLUG] Letting non-root mount floppy/cdrom
From: "Michael C. Toren" <mct@netaxs.com>

References:

Re: [PLUG] Letting non-root mount floppy/cdrom
From: "Michael C. Toren" <mct@netaxs.com>

Prev by Date: Re: [PLUG] Letting non-root mount floppy/cdrom

Next by Date: Re: [PLUG] Letting non-root mount floppy/cdrom

Previous by thread: Re: [PLUG] Letting non-root mount floppy/cdrom

Next by thread: Re: [PLUG] Letting non-root mount floppy/cdrom

Index(es):

Date

Thread