Skip site navigation (1)Skip section navigation (2)
Date:      Tue, 4 Jul 2000 09:54:32 +0200
From:      Brad Knowles <blk@skynet.be>
To:        cjclark@alum.mit.edu
Cc:        Vivek Khera <khera@kciLink.com>, freebsd-stable@FreeBSD.ORG
Subject:   Re: fstab mount options
Message-ID:  <v04220800b5874803e615@[195.238.1.121]>
In-Reply-To: <20000703163045.A248@dialin-client.earthlink.net>
References:  <m266qmc43b.fsf@reader.ptw.com> <14689.1084.894512.504331@onceler.kcilink.com> <v0422082db586be8b6c6b@[195.238.1.121]> <20000703163045.A248@dialin-client.earthlink.net>

next in thread | previous in thread | raw e-mail | index | archive | help
At 4:30 PM -0700 2000/7/3, Crist J. Clark wrote:

>  From the comment, I would say he has a SCSI Zip drive. The same line
>  could apply to Jaz, an ancient Bernoull, or the like.
>
>  The risk I see is does this method let users mount with setuid?

	Right, but if he had any other SCSI disks on the system (such as 
the disk with /, /usr, /var, etc...), wouldn't this also allow them 
to be mounted & unmounted as desired by the user?

	Certainly if you're talking about your own laptop or dedicated 
desktop machine, the rules can be relaxed somewhat.  However, in 
general this just seems to be a particularly unsafe practice.  That 
is, unless I've missed something fundamental?

--
   These are my opinions -- not to be taken as official Skynet policy
======================================================================
Brad Knowles, <blk@skynet.be>                || Belgacom Skynet SA/NV
Systems Architect, Mail/News/FTP/Proxy Admin || Rue Colonel Bourg, 124
Phone/Fax: +32-2-706.13.11/12.49             || B-1140 Brussels
http://www.skynet.be                         || Belgium


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-stable" in the body of the message




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?v04220800b5874803e615>