home *** CD-ROM | disk | FTP | other *** search
- Path: sparky!uunet!spool.mu.edu!agate!usenet.ins.cwru.edu!cert!news.sei.cmu.edu!fs7.ece.cmu.edu!crabapple.srv.cs.cmu.edu!andrew.cmu.edu!bg11+
- From: geek+@CMU.EDU (Brian E. Gallew)
- Newsgroups: comp.os.linux
- Subject: Re: How do I provide the floppys to normal users????
- Message-ID: <wf=Szqi00VAzM=BgMz@andrew.cmu.edu>
- Date: 15 Dec 92 14:47:18 GMT
- References: <1992Dec14.160121.10722@wega.rz.uni-ulm.de>
- <andrewc.724369870@aurora.cc.monash.edu.au>
- Organization: Administrative Computing & Info Services, Carnegie Mellon, Pittsburgh, PA
- Lines: 24
- In-Reply-To: <andrewc.724369870@aurora.cc.monash.edu.au>
-
- andrewc@aurora.cc.monash.edu.au (Andrew J. Cosgriff !) writes:
- > Well, it depends...If you don't mind the security risk you could just make
- > mount and umount setuid root, although this is NOT a Good Thing (tm) if
- > you've got dial-in access...
-
- Really bad idea! Not only is there dial-in, but we've also also got TCP/IP!.
- >
- > i guess you could make a setuid root script that checked what tty they're on
- > and what they're mounting, so they can only mount floppies and only when
-
- The only problem with this is that linux ignores the setuid bit for
- shell scripts. Too much of a security risk. Write a simple C program
- which will exec mount to mount the drive passed as a parameter. Make
- this executable setuid root. Maybe get fancy and have it try
- different parameters depending on the return status of mount. Maybe
- have it only mount certain devices for users on certain ttys. Be creative!
-
- -Brian
-
- -------------------------------------------------------------------------
- | "Are they dead?" |
- | "Does it matter?" |
- | - Pugsley and Wednesday in "The Addams Family." |
- -------------------------------------------------------------------------
-
