In message <Pine.NEB.4.58.0401021104330.23244@chylonia.3miasto.net>, Wojciech P
uchar writes:
>> of devices such as the cd-rom or dvd drive?
>>
>> The standard install (1.6Zx, current) produces devices files owned by
>> root and only readable by root and the group "operator". This is pretty
>> restrictive and I understand that it's a reasonable default in general.
>>
>> However, things like cd-roms and dvds or any other removable media are
>> desirable to most users - they want to play a cd or dvd, or perhaps burn
>> a cd.
>>
>
>use vfs.generic.usermount=1 in sysctl
>
>and set user/group privilege to directory to which cd/dvd have to be
>mounted like /cdrom
>
>then put in /etc/fstab something like
>
>/dev/cd0a /cdrom cd9660 ro,noauto 0 0
>

There's an important warning here: you probably want to specify
'nosuid,nodev' as well, unless you trust all of your users.  (I confess 
that I'm not sure if it's even possible to have setuid or device files 
on ISO 9660 CDs.  But it is possible on ffs-formatted floppies, vnd 
images, and the like.)

Regardless, a better solution might be to use amd.  I do that even on 
machines where I'm the sole user -- it's just an easier way to operate.

		--Steve Bellovin, http://www.research.att.com/~smb