From owner-freebsd-stable Sun Dec 5 10:38:34 1999 Delivered-To: freebsd-stable@freebsd.org Received: from mail.wzrd.com (mail.wzrd.com [206.99.165.3]) by hub.freebsd.org (Postfix) with ESMTP id A2999153FB for ; Sun, 5 Dec 1999 10:38:31 -0800 (PST) (envelope-from danh@wzrd.com) Received: by mail.wzrd.com (Postfix, from userid 91) id B76BD5D05A; Sun, 5 Dec 1999 13:38:30 -0500 (EST) Subject: Re: Non-root mounting of CD-ROMs In-Reply-To: <19991205175354.B696@marder-1> from Mark Ovens at "Dec 5, 1999 5:53:54 pm" To: mark@ukug.uk.freebsd.org (Mark Ovens) Date: Sun, 5 Dec 1999 13:38:30 -0500 (EST) Cc: freebsd-stable@freebsd.org X-Mailer: ELM [version 2.4ME+ PL43 (25)] MIME-Version: 1.0 Content-Type: text/plain; charset=US-ASCII Content-Transfer-Encoding: 7bit Content-Length: 1810 Message-Id: <19991205183830.B76BD5D05A@mail.wzrd.com> From: danh@wzrd.com (Dan Harnett) Sender: owner-freebsd-stable@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG You should be able to allow anyone to mount anything without setting the setuid bit on /sbin/mount*. First, the permissions on the actual device need to be changed so a user can access that device. Second, a simple sysctl will let the user mount a device: sysctl -w vfs.usermount=1 As an alternative, you could put the user into the operator group, but this will give the user more privileges than probably intended. Dan Harnett > A thread on the UK User Group mailing list about non-root users > mounting CD-ROMs included posts from a couple of people running > -STABLE who could do this. I tried and it doesn't work for me. A > ktrace(1) showed the call to mount(2) returning EPERM, which is what I > would expect. > > After several posts we established that the only differences we could > find between my setup and theirs is that I'm using a SCSI CD-ROM and > they both have IDE. Additionally, their systems were cvsup'd more > recently than mine (mine was around the end of September) and no-one > has made /sbin/mount* setuid. > > A look through the CVS logs on the web-site shows that there have been > quite a few changes to mount in the last couple of months. > > So, the question is, should a non-root user be able to mount a CD-ROM > (without making /sbin/mount* setuid)? > > -- > PERL has been described as "the duct tape of the Internet" > and "the Unix Swiss Army chainsaw" > - Computer Shopper 12/99 > ________________________________________________________________ > FreeBSD - The Power To Serve http://www.freebsd.org > My Webpage http://ukug.uk.freebsd.org/~mark/ > mailto:mark@ukug.uk.freebsd.org http://www.radan.com > > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-stable" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-stable" in the body of the message