On Sun, Sep 16, 2001 at 11:35:11PM +0200, Jakob B. Jensen wrote: > On Sun, Sep 16, 2001 at 09:40:06PM +0200, Eamon Roque wrote: > > Hi! > > > > Why is it then that when I mount a cdrom by hand, I can't change the > > options? > > When I do a "mount -o exec /cdrom" I get still have the following in > > /etc/mtab: > > /dev/sr1 on /cdrom type iso9660 (ro,nosuid,nodev) > > > > Am I missing something?! Before I used Debian, this wasn't a problem (SuSE > > 7.0 with the original devfsd from R.Gooch's site). Has this anything to do > > with the default config?! > > > Actually this has nothing to do with this thread, but anyway: > > There are two sets of permissions on your cdrom > > A. The permissions on /dev/cdrom (the topic that started this thread) > determine who can do things without mounting, such as playing audio > CDs, ejecting the tray or burning CDs. > > B. The options in /etc/fstab determine the defaults for mount. As an > important security precaution, mount can only override these if run > as root. The whole point of putting e.g. noexec in /etc/fstab is > to prevent users (or viruses run by users) from enabling exec > permissions contrary to roots orders (as given in /etc/fstab). > So, mount -o works (by design) only if you are root. > Hi!
Also: When I do,for example (keeping with the cdrom deal), a 'su' then 'mount -o exec,user /dev/sr1 /cdrom' when I want to execute some sort of script on the cd, for instance when I install StarOffice..., I get the same mount options as I would with a 'mount /cdrom' mount. Do I need to do a 'su -' for the root env?! Mounting on the command line is not available for normal, everyday users... at least with my configuration. It works for me. I had thought that the permissions on the device itself, actually /dev/sr1, c/o ide-scsi, could possibly influence this mad jumble. Do I have to edit something in /etc/devfs/devfsd.conf?! Are there any other things that could thwart root's will?! Thanks! Eamon Roque.
pgpoups6nFI82.pgp
Description: PGP signature
