Subject: Re: Allow non-root users to access to CD-ROM and Floppy
To: None <netbsd-users@NetBSD.org>
From: Joel Rees <joel_rees@sannet.ne.jp>
List: netbsd-users
Date: 09/08/2004 23:13:15
>>>> Yes. Install sudo (from pkgsrc/security) and create let those you
>>>> want use that to mount/unmount.
>>>
>>> That is probably a "good" way of opening a security hole.
>>
>> No, it is very much the opposite. It is the most secure way of doing
>> this. If you follow the instructions you're much less likely to open
>> a security hole than you would by writing your own suid shell script,
>> for example. And it's far, far more secure than allowing users to
>> mount/unmount any volume!
>
> I must have misunderstood you. I thought you said to install sudo, and
> allow people to use mount/umount through sudo?
Wildcard the user? Leave out the mount points in the sudoers command
line? You don't have to do that, I think.
> As far as I can tell, this will allow people to mount/umount any
> volume, and, as opposed to setting the sysctl variable, this will
> allow them to mount at any point, which in turn, will allow them to
> exchange the mount binary with anything they feel like, which in turn
> means they can easily crack the system.
Which is why, last I recall, the sudoers file provides ways to limit
the set of users allowed a particular command line and to pre-supply
arguments.
> mount is a dangerous operation, which is why normal people normally
> aren't allowed to do this.
Can't argue with that.
> ...
--
Joel Rees
If God had meant for us to not tweak our source code,
He'd've given us Microsoft.
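
The restriction discussed in this message, as an added sudoers fragment that is not part of the original post. The user names, device nodes (/dev/cd0a, /dev/fd0a) and mount points (/cdrom, /floppy) are assumptions chosen for illustration.

```sudoers
# Added example, not from the original thread.
# Assumed names: users alice and bob, devices /dev/cd0a and /dev/fd0a,
# mount points /cdrom and /floppy.

# Too broad (the case objected to in the thread): with no arguments
# listed, the users may pass any device, mount point and options.
# alice, bob  ALL = /sbin/mount, /sbin/umount

# Restricted: only the listed users, and only these command lines.
User_Alias  REMOVABLE = alice, bob

# When arguments are given in sudoers, the arguments typed by the user
# must match them exactly. Commas inside arguments are escaped with a
# backslash because a bare comma separates list entries.
Cmnd_Alias  CD_MOUNT  = /sbin/mount -t cd9660 -o ro\,nosuid\,nodev /dev/cd0a /cdrom
Cmnd_Alias  CD_UMOUNT = /sbin/umount /cdrom
Cmnd_Alias  FD_MOUNT  = /sbin/mount -t msdos -o nosuid\,nodev /dev/fd0a /floppy
Cmnd_Alias  FD_UMOUNT = /sbin/umount /floppy

# nosuid and nodev keep set-uid binaries and device nodes on the
# removable media from being honoured once it is mounted.
REMOVABLE   ALL = CD_MOUNT, CD_UMOUNT, FD_MOUNT, FD_UMOUNT
```

Edit the file with visudo so a syntax error cannot lock sudo out, and confirm what a user is allowed to run with `sudo -l`.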