Mounting floppies
John Chambers
jc at minya.UUCP
Thu Nov 24 15:03:34 AEST 1988
In article <14598 at mcdchg.chi.il.us>, heiby at mcdchg.chi.il.us (Ron Heiby) writes:
> John Chambers (jc at minya.UUCP) writes:
> > This despite the fact that the /dev/dsk file has 666 permissions and
> > /fd has 777 permissions. Only root can do a mount.
> >
> > This sorta interferes with users sticking a floppy in and saying
> > to mount it.
...
> [Explanation of security problems deleted]
Yeah, I said in the original posting that I understood why for a big
installation it might not be a good idea. But this is a two-user system,
and we're good friends (POSSLQs, actually ;-). It's the sort of environment
where most people would use DOS, but we're smarter than that, and have
Unix. We'd like Unix to be able to do some things that DOS can do, like
sticking in a floppy disk and using its files.
> In your environment, where there are only one or two people using the
> machine, this is probably no big deal. Do what you want. Your vendor
> doesn't know ahead of time how you plan to use the system, though.
OK, so how do I get it to do what I want? It seems to me that if I'm
interested in securing access to the floppy drive, that making it owned
by root or daemon or bin with 770 permissions would be sufficient notice
to mount that mere users aren't to touch it. I've set the permissions
to 777, which should convince mount that the system's owner has decided
to let anyone use the device. But mount refuses to do it anyway, even
though root has given permission. This seems rather pointless to me.
This strikes me as a case where a setuid-root script (which this Sys/V
doesn't have) would come in very handy. I don't think it's a *good*
use of setuid-root, because I don't think I should have to play any
such games at all. But it would work.
--
John Chambers <{adelie,ima,maynard,mit-eddie}!minya!{jc,root}> (617/484-6393)
[Any errors in the above are due to failures in the logic of the keyboard,
not in the fingers that did the typing.]
More information about the Comp.unix.wizards
mailing list