>From: Carsten Hammer <chammer@phyd2hammer.uni-bielefeld.de>
>Date: Wed, 24 Jan 1996 19:04:02 +0000 (GMT)
>
>Is there any way to give a CDROM in user access without
>violating basic system security principles?
>Are usermount (suid root) scripts bad in general or are
>there ways to do them "right"?

Write a small C program:

#include <unistd.h>
#include <errno.h>
int main(argc, argv)
    int argc
    char *argv[];
{
    execle("/sbin/mount", "mount",
	   "-rt", "cd9660", "-o", "nosuid", "/dev/cd0a", "/cdrom",
	   (char *)0, (char *)0));
    perror(argv[0]);
    return 1;
}

Compile, chown the executable to root, chmod it to 4511, and you're
all set.

>Is there a way to allow rockridge extension on CD's but
>change all permissions that are suid or change all owner-marks
>to the user that accesses the files?

Read mount(8), and mount_cd9660(8).  They describe options that you
can add, like `nosuid' (see above).
-- 
Mike Long <mike.long@analog.com>           http://www.shore.net/~mikel
VLSI Design Engineer         finger mikel@shore.net for PGP public key
Analog Devices, CPD Division          CCBF225E7D3F7ECB2C8F7ABB15D9BE7B
Norwood, MA 02062 USA       (eq (opinion 'ADI) (opinion 'mike)) -> nil