From owner-freebsd-questions Tue Jun 10 15:41:12 1997 Return-Path: Received: (from root@localhost) by hub.freebsd.org (8.8.5/8.8.5) id PAA09102 for questions-outgoing; Tue, 10 Jun 1997 15:41:12 -0700 (PDT) Received: from castor2.freiepresse.de ([194.25.232.30]) by hub.freebsd.org (8.8.5/8.8.5) with ESMTP id PAA09084 for ; Tue, 10 Jun 1997 15:41:03 -0700 (PDT) Received: from speedy.gerhardnet (ppp-pln188.freiepresse.de [194.25.234.188]) by castor2.freiepresse.de (8.8.4/8.8.4) with SMTP id XAA11559; Tue, 10 Jun 1997 23:39:03 -0100 (Etc/GMT) Message-ID: <339DD4F4.AE3@abo.freiepresse.de> Date: Wed, 11 Jun 1997 00:28:04 +0200 From: Gerhard Sittig Reply-To: G.Sittig@abo.freiepresse.de X-Mailer: Mozilla 3.01 [de] (Win95; I) MIME-Version: 1.0 To: Gerard Giamberdine CC: FreeBSD-questions Subject: Re: Ordinary user mounting floppy question/problem References: Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-questions@FreeBSD.ORG X-Loop: FreeBSD.org Precedence: bulk On Mon, 9 Jun 1997, Gerard Giamberdine wrote: > Can a ordinary user on a FBSD 2.2.2 system mount a 1.44M floppy drive. > (I read somewhere that it's not allowed?). If it can be done, I'm sure > running out of idea why as root I can, but not as anybody else. All > attempts return: > > mount_msdos /dev/fd0.1440 /mnt (or mount -t msdos ...) Mounting filesystems SHOULD be allowed to root only. Since anyone who can mount a media does bring a filesystem with him, he has the ability to bring special files and files with special ownerships and permissions with him. That's something I wouldn't want allow to any user. And IMHO there's no need to mount floppies. Making the floppy devices world readable and writable allows for tarring from / to them. Reading / writing DOS diskettes can be done using the mtools. And in case you DO need mounting you might want to have some customized commands executed via sudo or the like (is there something like that in FBSD ?). Allowing mounting to anyone will open the holes mentioned above. Making available DOS mounts only will just give more files to add (with no ownerships and specials and the like). But I'd prefer saying mread a:/file . do something mwrite file a: or even mtype a:/file | tar tvzf - -- virtually yours -- G.Sittig@abo.FreiePresse.DE If you don't understand or are scared by any of the above ask your parents or an adult to help you.