Usenet 1994 January

home *** CD-ROM | disk | FTP | other *** search

/ Usenet 1994 January / usenetsourcesnewsgroupsinfomagicjanuary1994.iso / sources / misc / volume22 / cdmount2 / part01 next >

Wrap

Text File | 1991-08-21 | 13.0 KB | 405 lines

Newsgroups: comp.sources.misc From: Kent Landfield <kent@sparky.imd.sterling.com> Subject: v22i030: cdmount2 - Giving general users access to CDROM, Part01/01 Message-ID: <1991Aug20.051242.29798@sparky.IMD.Sterling.COM> Date: Tue, 20 Aug 1991 05:12:42 GMT Approved: kent@sparky.imd.sterling.com X-Md4-Signature: e43011514499eee8d6a959da50c643a3 Submitted-by: Kent Landfield <kent@sparky.imd.sterling.com> Posting-number: Volume 22, Issue 30 Archive-name: cdmount2/part01 Environment: SUN, CDROM Supersedes: cdmount: Volume 22, Issue 28 Boy when I want to be dumb... This is an updated version of the cdmount utilities with a few 747 sized security holes fixed. The following changes were made in this version. - Made the nosuid option mandatory, - Enforced a standard PATH. mount will do, as root, an execlp("mount_hsfs"), and a user can cause his own version of mount_hsfs to be run. - Restrict the directories the disk can be mounted on to /cdrom. It would be dangerous to let people mount filesystems on /etc or /usr/bin, for instance. If you are using cdmount, *please* replace it with this much more secure version. The idea was to not give away the store... :-) It is truly amazing how much trouble a person can generate over a lunch hour... -Kent+ --- #! /bin/sh # into a shell via "sh file" or similar. To overwrite existing files, # type "sh file -c". # The tool that generated this appeared in the comp.sources.unix newsgroup; # send mail to comp-sources-unix@uunet.uu.net if you want that tool. # Contents: README Makefile cdmount.1 cdmount.c cdumount.1 # Wrapped by kent@sparky on Mon Aug 19 23:46:23 1991 PATH=/bin:/usr/bin:/usr/ucb ; export PATH echo If this archive is complete, you will see the following message: echo ' "shar: End of archive 1 (of 1)."' if test -f 'README' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'README'\" else echo shar: Extracting \"'README'\" $1186 characters$ sed "s/^X//" >'README' <<'END_OF_FILE' X XThis directory contains sources for the administrator to allow general Xusers to mount and access CD-ROMs without having to know the root Xpassword. Mount is limited to root so the cdmount and cdumount commands Xare needed to insure greater usability of the cdplayers and better overall Xsecurity. X XThis software is Copyright (c) 1991 by Kent Landfield. X XPermission is hereby granted to copy, distribute or otherwise Xuse any part of this package as long as you do not try to make Xmoney from it or pretend that you wrote it. This copyright Xnotice must be maintained in any copy made. X XUse of this software constitutes acceptance for use in an AS IS Xcondition. There are NO warranties with regard to this software. XIn no event shall the author be liable for any damages whatsoever Xarising out of or in connection with the use or performance of this Xsoftware. Any use of this software is at the user's own risk. X X If you make modifications to this software that you feel X increases it usefulness for the rest of the community, please X email the changes, enhancements, bug fixes as well as any and X all ideas to me. X X Kent Landfield X kent@sparky.imd.sterling.com X END_OF_FILE if test 1186 -ne `wc -c <'README'`; then echo shar: \"'README'\" unpacked with wrong size! fi # end of 'README' fi if test -f 'Makefile' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'Makefile'\" else echo shar: Extracting \"'Makefile'\" $1938 characters$ sed "s/^X//" >'Makefile' <<'END_OF_FILE' X########################################################## X# X# @(#)Makefile 1.1 8/17/91 - CDmount X# X# This software is Copyright (c) 1991 by Kent Landfield. X# X# Permission is hereby granted to copy, distribute or otherwise X# use any part of this package as long as you do not try to make X# money from it or pretend that you wrote it. This copyright X# notice must be maintained in any copy made. X# X# Use of this software constitutes acceptance for use in an AS IS X# condition. There are NO warranties with regard to this software. X# In no event shall the author be liable for any damages whatsoever X# arising out of or in connection with the use or performance of this X# software. Any use of this software is at the user's own risk. X# X# If you make modifications to this software that you feel X# increases it usefulness for the rest of the community, please X# email the changes, enhancements, bug fixes as well as any and X# all ideas to me. This software is going to be maintained and X# enhanced as deemed necessary by the community. X# X# Kent Landfield X# sparky!kent X# kent@sparky.imd.sterling.com X# X########################################################## X XDESTDIR=/usr/local/bin XMANDIR=/usr/man/manl X Xall: cdmount cdumount X Xcdmount: X $(CC) $(CFLAGS) -o cdmount cdmount.c X Xcdumount: cdmount.c X chown root cdmount X chgrp bin cdmount X chmod u+s cdmount X rm -f cdumount X ln cdmount cdumount X Xinstall: all X @echo "install according to local conventions" X install -c -s -o root -g bin -m 6755 cdmount $(DESTDIR) X rm -f $(DESTDIR)/cdumount X ln $(DESTDIR)/cdmount $(DESTDIR)/cdumount X install -c -o bin -g bin -m 0644 cdmount.1 $(MANDIR)/cdmount.l X install -c -o bin -g bin -m 0644 cdumount.1 $(MANDIR)/cdumount.l X Xclean: X rm -f cdmount cdumount X Xprint: X cprint Makefile | lpr -Plw X cprint README | lpr -Plw X cprint cdmount.c | lpr -Plw X psroff -man cdmount.1 X psroff -man cdumount.1 END_OF_FILE if test 1938 -ne `wc -c <'Makefile'`; then echo shar: \"'Makefile'\" unpacked with wrong size! fi # end of 'Makefile' fi if test -f 'cdmount.1' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'cdmount.1'\" else echo shar: Extracting \"'cdmount.1'\" $702 characters$ sed "s/^X//" >'cdmount.1' <<'END_OF_FILE' X'br "@(#)cdmount.1 1.2 8/19/91" X.TH CDMOUNT 1 LOCAL X.SH NAME Xcdmount \- Mount a CD-ROM without being superuser X.SH SYNOPSIS X.B cdmount X[ X.B \-dhv X] X.SH DESCRIPTION X.I cdmount Xallows a user who is not the superuser to mount a CD-ROM. The XCD is mounted on the directory /cdrom. The mount point /cdrom Xmust be a directory and not a symbolic link to a directory. The XCD is mounted as readonly so the user cannot write to the CD. X.SH OPTIONS X.IP "-d" 6 XDebugging, shows the mount command without executing it. X.IP "-h" XMount an ISO 9660 Standard or High Sierra Standard CD_ROM Filesystem. X.IP "-v" X.SH AUTHOR XKent Landfield <kent@sparky.imd.sterling.com> X.SH "SEE ALSO" Xcdumount(1), fstab(5), mount(8) END_OF_FILE if test 702 -ne `wc -c <'cdmount.1'`; then echo shar: \"'cdmount.1'\" unpacked with wrong size! fi # end of 'cdmount.1' fi if test -f 'cdmount.c' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'cdmount.c'\" else echo shar: Extracting \"'cdmount.c'\" $4539 characters$ sed "s/^X//" >'cdmount.c' <<'END_OF_FILE' X/* X** Subsystem: User Level mount for CD-ROM X** File Name: cdmount.c X** X** This software is Copyright (c) 1991 by Kent Landfield. X** X** Permission is hereby granted to copy, distribute or otherwise X** use any part of this package as long as you do not try to make X** money from it or pretend that you wrote it. This copyright X** notice must be maintained in any copy made. X** X** Use of this software constitutes acceptance for use in an AS IS X** condition. There are NO warranties with regard to this software. X** In no event shall the author be liable for any damages whatsoever X** arising out of or in connection with the use or performance of this X** software. Any use of this software is at the user's own risk. X** X** If you make modifications to this software that you feel X** increases it usefulness for the rest of the community, please X** email the changes, enhancements, bug fixes as well as any and X** all ideas to me. This software is going to be maintained and X** enhanced as deemed necessary by the community. X** X** Kent Landfield X** sparky!kent X** kent@sparky.imd.sterling.com X*/ X#if !defined(lint) && !defined(SABER) Xstatic char SID[] = "@(#)cdmount.c 1.2 8/19/91"; X#endif X X#include <stdio.h> X#include <sys/types.h> X#include <sys/stat.h> X X#define MNTPOINT "/cdrom" X Xvoid usage(progname) Xchar *progname; X{ X (void) fprintf(stderr, "\nusage: %s [ -dhv ]\ X\n\noptions:\n\ X -d show the mount command without executing it\n\ X -h mount an ISO 9660 or High Sierra CD_ROM Filesystem\n\ X -v show the mount command and execute it\n\ X\n", progname); X} X Xint main(argc, argv) Xint argc; Xchar **argv; X{ X int getopt(); X char *strrchr(); X X extern char *optarg; X extern int optind; X extern int opterr; X X char *cp; X char cmd[256]; X int rc; X int debug; X int iso9660; X struct stat stb; X X if ((cp = strrchr(argv[0],'/')) != NULL) X ++cp; X else X cp = argv[0]; X X /* X ** Setup IFS for system() protection... X */ X if (putenv("IFS= \t\n") != 0) { X (void) fprintf(stderr,"%s: IFS putenv failed...\n", cp); X return(1); X } X X /* X ** Setup PATH for execlp() protection... X */ X if (putenv("PATH=/etc:/usr/etc:/bin:/usr/bin") != 0) { X (void) fprintf(stderr,"%s: PATH putenv failed...\n", cp); X return(1); X } X X /* X ** If the user is requesting to mount a CD.. X */ X if (strcmp(cp, "cdmount") == 0) { X iso9660 = 0; X opterr = 0; X debug = 0; X /* X ** Assure that the mount point is there and in a X ** directory and not a symbolic link .. X */ X if (lstat(MNTPOINT, &stb) != 0) { X (void) fprintf(stderr, "%s: mount point missing\n", MNTPOINT); X return(1); X } X if ((stb.st_mode & S_IFMT) != S_IFDIR) { X (void) fprintf(stderr, "%s: invalid mount point\n", MNTPOINT); X return(1); X } X X if (argc > 1) { X while ((rc = getopt(argc, argv, "dhv")) != EOF) { X switch (rc) { X case 'd': /* debugging - does not run command. */ X debug = 1; X break; X case 'v': /* verbose - runs command. */ X debug = 2; X break; X case 'h': X /* X ** mount an ISO 9660 Standard or High X ** Sierra Standard CD-ROM filesystem. X */ X iso9660++; X break; X default: X usage(cp); X return(1); X } X } X } X X /* build the command line.. */ X X (void) sprintf(cmd, "/etc/mount -r %s -o nosuid /dev/sr0 %s", X iso9660 ? "-t hsfs" : "", MNTPOINT); X if (debug) X (void) fprintf(stderr, "%s\n", cmd); X if (debug != 1) X rc = system(cmd); X } X X /* X ** The user is requesting to dismount a CD... X */ X else if (strcmp(cp, "cdumount") == 0) { X rc = system("/etc/umount /dev/sr0 && /usr/bin/eject /dev/sr0 2>/dev/null"); X } X X /* X ** Improperly named/linked executables, I'm confused... X */ X else { X (void) fprintf(stderr, "%s: I don't know who I am... ? \n", cp); X rc = 1; X } X return(rc >> 8); X} END_OF_FILE if test 4539 -ne `wc -c <'cdmount.c'`; then echo shar: \"'cdmount.c'\" unpacked with wrong size! fi # end of 'cdmount.c' fi if test -f 'cdumount.1' -a "${1}" != "-c" ; then echo shar: Will not clobber existing file \"'cdumount.1'\" else echo shar: Extracting \"'cdumount.1'\" $388 characters$ sed "s/^X//" >'cdumount.1' <<'END_OF_FILE' X'br "@(#)cdumount.1 1.1 8/17/91" X.TH CDUMOUNT 1 LOCAL X.SH NAME Xcdumount \- Unount a CD-ROM without being superuser X.SH SYNOPSIS X.B cdumount X.SH DESCRIPTION X.I cdumount Xallows a user who is not the superuser to unmount a CD-ROM. The CD is Xejected after it is successfully unmounted. X.SH AUTHOR XKent Landfield <kent@sparky.imd.sterling.com> X.SH "SEE ALSO" Xcdmount(1), fstab(5), mount(8) END_OF_FILE if test 388 -ne `wc -c <'cdumount.1'`; then echo shar: \"'cdumount.1'\" unpacked with wrong size! fi # end of 'cdumount.1' fi echo shar: End of archive 1 $of 1$. cp /dev/null ark1isdone MISSING="" for I in 1 ; do if test ! -f ark${I}isdone ; then MISSING="${MISSING} ${I}" fi done if test "${MISSING}" = "" ; then echo You have the archive. rm -f ark[1-9]isdone else echo You still must unpack the following archives: echo " " ${MISSING} fi exit 0 exit 0 # Just in case... -- Kent Landfield INTERNET: kent@sparky.IMD.Sterling.COM Sterling Software, IMD UUCP: uunet!sparky!kent Phone: (402) 291-8300 FAX: (402) 291-4362 Please send comp.sources.misc-related mail to kent@uunet.uu.net.