> On Thu, Sep 02, 1999, Andrew J. Korty wrote: > > > > > You realise that this kind of stuff can be done in kernelspace, > > > > without needing yet another setuid binary/binaries.. > > > > > > Well, sysctl with list of pathes for user mounts looks good. > > > Configuration is simple and can be easliy changed at runtime. It is > > > always better to avoid setuid'ed binaries, this is more worse that > > > mount(8) can execute other mount_* binaries. > > > > My code provides needed features that all implementations I've seen > > of the sysctl approach do not. Our users need to mount removable > > volumes just by clicking on a KDE icon, without having to know what > > type of filesystem is present on the media. Non-console users > > should not be permitted to mount removable volumes. Both of these > > features are provided by my patch, which I have had in production > > since I submitted it. > > There are saner ways than using a suid binary. > Countering your arguement.. > > sysctl -w vfs.usermount="/floppy:/cdrom" > > And they can mount/umount at whim if they own the mountpoint/have done the > mount (and the permission checking can be extended to suit..) > > Then all you need to do is think of a sane way to chown console devices > (floppy, cdrom, etc..) to the user when they login? Perhaps an extension > to login/xdm/whatever kde uses ?
The user would still have to know what type of filesystem is on the volume. My code tries filesystem types from a list, one by one, so the same command or desktop icon will mount a FAT, UFS, or EXT2FS floppy, for example. The system administrator can also specify default mount options on a device or filesystem-type basis. ajk To Unsubscribe: send mail to majord...@freebsd.org with "unsubscribe freebsd-hackers" in the body of the message