Date: Sun, 8 Jun 2003 11:57:04 -0400 (EDT) From: Robert Watson <rwatson@freebsd.org> To: zk <zk@wspim.edu.pl> Cc: security@freebsd.org Subject: Re: Removable media security in FreeBSD Message-ID: <Pine.NEB.3.96L.1030608115332.67632D-100000@fledge.watson.org> In-Reply-To: <20030608080429.GA234@hhos.serious.ld>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, 8 Jun 2003, zk wrote: > On Sun, Jun 08, 2003 at 01:28:50AM -0600, Brett Glass wrote: > > since this would allow anyone to write someone else's removable media. Is > > there a standard, SECURE way of allowing an unprivileged user at the console > > to get at removable media that s/he has inserted in the machine? > > Create group floppy, chown 0:floopy /dev/floppy*, chmod g+rw /dev/fd0* > and add user to group floppy. And vfs.usermount=1 If the definition of the policy really means "any user who can log in at the console", I'd change the chown/chmod bits to a pointer to fbtab, and use vfs.usermount. On the "SECURE" front -- well, it depends a bit on how robust our file system support is. Bad UFS file systems can cause the FreeBSD kernel to behave improperly, since it's assumed that file systems will be clean or explicitly checked before mounting. I've never really experimented much with our FAT file system support to see how robust it is; we have a 5.2-RELEASE TODO list item to merge some robustness improvements from the Darwin implementation back into FreeBSD, which suggests our implementation could be improved on :-). I believe our usermount support carefully sets nodev, nosuid, etc, on any file systems mounted by root, but haven't tested that in a bit. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1030608115332.67632D-100000>