From owner-freebsd-security@FreeBSD.ORG Tue Jun 10 04:47:43 2003 Return-Path: Delivered-To: freebsd-security@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id 3E20437B401 for ; Tue, 10 Jun 2003 04:47:43 -0700 (PDT) Received: from relay2.mecon.ar (relay2.mecon.ar [168.101.16.11]) by mx1.FreeBSD.org (Postfix) with ESMTP id 14E4243FB1 for ; Tue, 10 Jun 2003 04:47:41 -0700 (PDT) (envelope-from fernando@mecon.gov.ar) Received: from racing.mecon.ar (racing.mecon.ar [168.101.133.15]) by relay2.mecon.ar (8.12.6p2/8.12.6) with ESMTP id h5ABlXEt077237; Tue, 10 Jun 2003 08:47:33 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: from racing.mecon.ar (meyosp.mecon.gov.ar [10.11.0.149]) by racing.mecon.ar (8.12.6/8.12.6) with ESMTP id h5ABjRQ0041687; Tue, 10 Jun 2003 08:45:28 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: from bal740r0.mecon.gov.ar (bal740r0.mecon.ar [10.11.1.11]) by racing.mecon.ar (8.12.6/8.12.6) with ESMTP id h5ABjRNc041684; Tue, 10 Jun 2003 08:45:27 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: from bal740r0.mecon.gov.ar (localhost [127.0.0.1]) by bal740r0.mecon.gov.ar (8.12.6/8.12.6) with ESMTP id h5ABjRIs000381; Tue, 10 Jun 2003 08:45:27 -0300 (ART) (envelope-from fernando@mecon.gov.ar) Received: (from fpscha@localhost) by bal740r0.mecon.gov.ar (8.12.6/8.12.6/Submit) id h5ABjPYX000380; Tue, 10 Jun 2003 08:45:25 -0300 (ART) (envelope-from fernando@mecon.gov.ar) X-Authentication-Warning: bal740r0.mecon.gov.ar: fpscha set sender to fernando@mecon.gov.ar using -f Date: Tue, 10 Jun 2003 08:45:25 -0300 From: Fernando Schapachnik To: Brett Glass Message-ID: <20030610114525.GA318@bal740r0.mecon.gov.ar> References: <20030609140347.B13040@fubar.adept.org> <200306092254.QAA10240@lariat.org> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <200306092254.QAA10240@lariat.org> User-Agent: Mutt/1.4.1i X-OS: FreeBSD 4.7 - http://www.freebsd.org cc: security@freebsd.org Subject: Re: Removable media security in FreeBSD X-BeenThere: freebsd-security@freebsd.org X-Mailman-Version: 2.1.1 Precedence: list List-Id: Security issues [members-only posting] List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Tue, 10 Jun 2003 11:47:43 -0000 This is how I do it: mkdir ~user/cdrom chmod g+w /dev/acd0c sysctl vfs.usermount=1 pw user mod operador -m user /etc/fstab: /dev/acd0c /home/user/cdrom ... On the KDE Desktop, create a CD-ROM entry: [Desktop Action Eject] Exec=kdeeject %v Name=Eject [Desktop Entry] Actions=Eject Dev=/dev/acd0c Encoding=UTF-8 FSType=Default Icon=cdrom_mount MountPoint=/home/user/cdrom ReadOnly=true Type=FSDevice UnmountIcon=cdrom_unmount You can do the same for floppies. Also, the KDE entry can be created via the "New" menu, on the Desktop. Good luck. Fernando.