Re: [gentoo-user] SUID mounts

2006-02-28 Thread Zac Slade 
On Tuesday 28 February 2006 00:56, Ow Mun Heng wrote:
 Hi All,

   I'm having some issues with enabling programs to be suid root. Stuffs
 like /bin/mount /usr/bin/mount.cifs is already in mode 47xx and I still
 get errors that I have no permissions to execute it (to mount)
If the mount point is not specified in /etc/fstab then only root can do the 
mount.  If it's in /etc/fstab it needs the option users to allow this.  There 
are exceptions, like when HAL manages the mount for you.

 (I'm troubleshooting another program but using mount as an example as
 the error symptom is the same)
What is the other program?  What is the real issue?  Mount is sort of special.
-- 
Zac Slade
[EMAIL PROTECTED]
ICQ:1415282 YM:krakrjak AIM:ttyp99
-- 
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] SUID mounts

2006-02-28 Thread Mattias Merilai 

Ow Mun Heng wrote:


or do I need to chgrp /bin/mount into group-owned by disk/wheel?
 


Yes you do, and for /bin/mount, it already should be 4755 root:root.
SUID bit makes the program to be executed in the rights the owner of it, 
so if you want to have a program run SUID root you will have to chown 
root it. The same goes for SGID.

'man chmod' would have happily told you just that.

P.S. Beware that SUID/SGID root is a potential security risk.
--
gentoo-user@gentoo.org mailing list

Re: [gentoo-user] SUID mounts ( cross platform encryption program/container)

2006-02-28 Thread Ow Mun Heng 
On Tue, 2006-02-28 at 03:20 -0600, Zac Slade wrote:
 On Tuesday 28 February 2006 00:56, Ow Mun Heng wrote:
  Hi All,
 
  I'm having some issues with enabling programs to be suid root. Stuffs
  like /bin/mount /usr/bin/mount.cifs is already in mode 47xx and I still
  get errors that I have no permissions to execute it (to mount)

 If the mount point is not specified in /etc/fstab then only root can do the 
 mount.  If it's in /etc/fstab it needs the option users to allow this.  There 
 are exceptions, like when HAL manages the mount for you.

Okay. I hope this applies to /bin/mount only and not some other
programs. (see more below)

 
  (I'm troubleshooting another program but using mount as an example as
  the error symptom is the same)
 What is the other program?  What is the real issue?  Mount is sort of special.

The other program is called truecrypt - www.truecrypt.org) which
happens to be a cross platform cryptological container which works in
Windows (fully) and Linux (partially)

I'm using fuse and encfs natively under linux but looking for something
cross platform and found truecrypt. It works as advertised in Windows,
but in Linux, it's odd.

it's installed 4755 root:root truecrypt but I won't be able to access
it any other way than either as root or using sudo.

$truecrypt -vl
Admin priv needed
$sudo truecrypt -vl
[data]...

This program is _very_ lacking in Linux. It works but, it's _very_
lacking. Anyone has any other recommendation?

-- 
gentoo-user@gentoo.org mailing list