Subject: Re: Allow non-root users to access to CD-ROM and Floppy
To: None <netbsd-users@NetBSD.org>
From: Peter Bex <Peter.Bex@student.kun.nl>
List: netbsd-users
Date: 09/08/2004 18:36:30
--9zSXsLTf0vkW971A
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

On Wed, Sep 08, 2004 at 04:50:11PM +0200, Johnny Billquist wrote:
> On Wed, 8 Sep 2004, Joel Rees wrote:
>=20
> > Wildcard the user? Leave out the mount points in the sudoers command li=
ne?=20
> > You don't have to do that, I think.
>=20
> A number of users was the prerequisite here, I believe. If we could skip=
=20
> that, we didn't need this discussion at all. :-)

Maybe a stupid question, but I'll go ahead and ask it anyway:  Why isn't
it an option to allow members of certain groups to mount the device?
So if a user's group `owns' the mountpoint, and of course the user has
write access to the point node, the mount can take place.

If needed, the owner of the mount point can be set to, say, root, so the
users can't change the group ownership of the mountpoint.

I suppose there are security issues with this, but I would like to know
what these are exactly.

Regards,
Peter
--=20
http://www.student.kun.nl/peter.bex
--
"The process of preparing programs for a digital computer
 is especially attractive, not only because it can be economically
 and scientifically rewarding, but also because it can be an aesthetic
 experience much like composing poetry or music."
							-- Donald Knuth

--9zSXsLTf0vkW971A
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)

iD8DBQFBPzUOLg33BXzVMqsRAkixAJ4vPMOh3pNMnaLna3YOPfSCyP81tACfQ3M7
gmZLW7up4pXQDSwHDVAfSwA=
=rSp1
-----END PGP SIGNATURE-----

--9zSXsLTf0vkW971A--