From owner-freebsd-ports-bugs@FreeBSD.ORG  Sat Aug  4 10:20:00 2007
Return-Path: <owner-freebsd-ports-bugs@FreeBSD.ORG>
Delivered-To: freebsd-ports-bugs@freebsd.org
Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34])
	by hub.freebsd.org (Postfix) with ESMTP id 09F5516A479
	for <freebsd-ports-bugs@freebsd.org>;
	Sat,  4 Aug 2007 10:20:00 +0000 (UTC)
	(envelope-from ighighi@gmail.com)
Received: from ag-out-0708.google.com (ag-out-0708.google.com [72.14.246.246])
	by mx1.freebsd.org (Postfix) with ESMTP id D6FA613C459
	for <freebsd-ports-bugs@freebsd.org.>;
	Sat,  4 Aug 2007 10:19:59 +0000 (UTC)
	(envelope-from ighighi@gmail.com)
Received: by ag-out-0708.google.com with SMTP id 26so1469870agb
	for <freebsd-ports-bugs@freebsd.org.>;
	Sat, 04 Aug 2007 03:19:58 -0700 (PDT)
DKIM-Signature: a=rsa-sha1; c=relaxed/relaxed; d=gmail.com; s=beta;
	h=domainkey-signature:received:received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding;
	b=f2CpHbys/UtnXUT/oNZJ6+QyXWCXq0C1BPe9O1E0RhKAw5fGc2E6i876Vn6429sqI+xo6c1nNoMl+apU4+X6ON62a8S5n78t3GJU/n15fw2vglG/GTdBbEZn68W7hiJhKaF5+OHC4MffxPfj/T1fO5BkX7L0zt+kFBikvab6LxM=
DomainKey-Signature: a=rsa-sha1; c=nofws; d=gmail.com; s=beta;
	h=received:message-id:date:from:user-agent:mime-version:to:subject:content-type:content-transfer-encoding;
	b=Q2PSOxyZoiO/xfsZU4n4tifbYzW7HuE4CHY0ll8CQJ+W4F2Hg2gEwBkAbc5Rjl6TwCm2Y0OzEXwsm11ekQNN0TJrIlYOf7r66L2R1yglr3EwNkQM5c0IUehJGMyfTraPke4PneT0Q4/3MADjYJMmTeiy2TWWu5VD/6kic0A+4P0=
Received: by 10.70.22.15 with SMTP id 15mr6490282wxv.1186221892792;
	Sat, 04 Aug 2007 03:04:52 -0700 (PDT)
Received: from orion.nebula.mil ( [200.44.87.122])
	by mx.google.com with ESMTPS id i40sm6641425wxd.2007.08.04.03.04.50
	(version=TLSv1/SSLv3 cipher=RC4-MD5);
	Sat, 04 Aug 2007 03:04:52 -0700 (PDT)
Message-ID: <46B44F32.2020206@gmail.com>
Date: Sat, 04 Aug 2007 06:04:34 -0400
From: Ighighi <ighighi@gmail.com>
User-Agent: Thunderbird 2.0.0.6 (X11/20070803)
MIME-Version: 1.0
To: freebsd-ports-bugs@freebsd.org.,  sem@freebsd.org
Content-Type: text/plain; charset=ISO-8859-1; format=flowed
Content-Transfer-Encoding: 7bit
Cc: 
Subject: Re: ports/112754: VERY SERIOUS security bug in sysutils/eject
X-BeenThere: freebsd-ports-bugs@freebsd.org
X-Mailman-Version: 2.1.5
Precedence: list
List-Id: Ports bug reports <freebsd-ports-bugs.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/freebsd-ports-bugs>
List-Post: <mailto:freebsd-ports-bugs@freebsd.org>
List-Help: <mailto:freebsd-ports-bugs-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/freebsd-ports-bugs>, 
	<mailto:freebsd-ports-bugs-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Sat, 04 Aug 2007 10:20:00 -0000

Using sudo(8) isn't necessary. The same permissions that would allow any 
user to mounting filesystems on removable media allow for un-mounting as 
well... See the entry on "How do I let ordinary users mount floppies,
CDROMs and other removable media?" on the FAQ:

http://www.freebsd.org/./doc/en_US.ISO8859-1/books/faq/disks.html#USER-FLOPPYMOUNT