Subject: Re: Allow non-root users to access to CD-ROM and Floppy
To: None <netbsd-users@NetBSD.org>
From: Joel Rees <joel_rees@sannet.ne.jp>
List: netbsd-users
Date: 09/08/2004 23:13:15
>>>> Yes. Install sudo (from pkgsrc/security) and create let those you want
>>>> use that to mount/unmount.
>>>
>>> That is probably a "good" way of opening a security hole.
>>
>> No, it is very much the opposite. It is the most secure way of doing
>> this. If you follow the instructions you're much less likely to open
>> a security hole than you would by writing your own suid shell script,
>> for example. And it's far, far more secure than allowing users to
>> mount/unmount any volume!
>
> I must have misunderstood you. I thought you said to install sudo, and 
> allow people to use mount/umount through sudo?

Wildcard the user? Leave out the mount points in the sudoers command 
line? You don't have to do that, I think.

> As far as I can tell, this will allow people to mount/umount any 
> volume, and, as opposed to setting the sysctl variable, this will 
> allow them to mount at any point, which in turn, will allow them to 
> exchange the mount binary with anything they feel like, which in turn 
> means they can easily crack the system.

Which is why, last I recall, the sudoers file provides ways to limit 
the set of users allowed a particular command line and to pre-supply 
arguments.

> mount is a dangerous operation, which is why normal people normally 
> aren't allowed to do this.

Can't argue with that.

> ...

--
Joel Rees
     If God had meant for us to not tweak our source code,
     He'd've given us Microsoft.
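
The restriction described in the reply above, as an added example that is not part of the original post: a sudoers fragment that names the permitted users and fixes the entire mount command line instead of granting mount/umount with open arguments. The user names, the device nodes (/dev/cd0a, /dev/fd0a) and the mount points (/cdrom, /floppy) are assumptions.

```sudoers
# Added example; user names, devices and mount points are assumptions.

# Too broad: no arguments are listed, so sudo accepts ANY arguments and
# members of the group can mount any volume on any directory.
# %users ALL = /sbin/mount, /sbin/umount

# Restricted: only the named users, only these exact command lines.
User_Alias REMOVABLE = alice, bob

# When arguments are listed, the user's command line must match them
# exactly. Commas inside arguments are escaped with a backslash.
# nosuid and nodev keep set-id binaries and device nodes on the
# removable media from taking effect.
Cmnd_Alias CDROM  = /sbin/mount -t cd9660 -o ro\,nosuid\,nodev /dev/cd0a /cdrom, \
                    /sbin/umount /cdrom
Cmnd_Alias FLOPPY = /sbin/mount -t msdos -o nosuid\,nodev /dev/fd0a /floppy, \
                    /sbin/umount /floppy

REMOVABLE ALL = CDROM, FLOPPY
```

Edit the file with visudo so a syntax error is caught before it is saved; `sudo -l`, run as one of the listed users, shows the command lines that user is allowed.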