From owner-freebsd-questions Mon Jun 5 11:15: 4 2000 Delivered-To: freebsd-questions@freebsd.org Received: from karon.dynas.se (karon.dynas.se [192.71.43.4]) by hub.freebsd.org (Postfix) with SMTP id 145EE37B9B2 for ; Mon, 5 Jun 2000 11:14:59 -0700 (PDT) (envelope-from mikko@dynas.se) Received: (qmail 96391 invoked from network); 5 Jun 2000 18:14:54 -0000 Received: from spirit.sto.dynas.se (HELO spirit.dynas.se) (172.16.1.10) by karon.sto.dynas.se with SMTP; 5 Jun 2000 18:14:54 -0000 Received: (qmail 6449 invoked from network); 5 Jun 2000 18:15:10 -0000 Received: from m2.dynas.se (172.16.1.168) by spirit.dynas.se with SMTP; 5 Jun 2000 18:15:10 -0000 Received: (from mikko@localhost) by m2.dynas.se (8.9.3/8.9.3) id UAA79061; Mon, 5 Jun 2000 20:17:46 +0200 (CEST) (envelope-from mikko) Date: Mon, 5 Jun 2000 20:17:46 +0200 (CEST) From: Mikko Tyolajarvi Message-Id: <200006051817.UAA79061@m2.dynas.se> To: lowell@world.std.com Cc: freebsd-questions@freebsd.org Subject: Re: User-mounting floppies (was Re: stupid questions) X-Newsreader: NN version 6.5.6 (NOV) Sender: owner-freebsd-questions@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG In freebsd-questions you write: >Willem Brown writes: >> If you were to create another group, called floppy or something. Change >> the group on /dev/fd0 and the mount point to floppy with mod 0660, would >> that not solve the problem without allowing for the opportunity to break >> other things? >This works fine for a system that's assumed to be single-user, and on >which all of the users are assumed to be trusted. That *was* the >assumption of the person to whom you were responding, but it's >something you have to be a little careful with. Note that in that >situation, there are a *lot* of solutions that will work fine. >One of the hardest cases is that of a public "terminal room," where >not only can't the users be given root powers, but their files have to >be protected from *each* *other* as well, and only the person with >physical access to the drive should be able to mount (or umount) the >device. In FreeBSD, the only way I can think of to do this is by >using xdm (or equivalent), and adjusting permissions to the relevant >devices in much the same way as is done for the console. Have a look at fbtab(5). /Mikko To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-questions" in the body of the message