In article <20040127032433.6386.qmail@web12007.mail.yahoo.com>,
Nick Vanderweit <nickv_111@yahoo.com> wrote:
>Hi! I just installed NetBSD on a friend's computer,
>and I was wondering how you could make it so that
>anyone could mount fd0a, and how they could all have
>read-write access WITHOUT accessing root. I am more
>focussed on the second part, but if there was a way to
>do both, it would be best. I already added the line in
>/etc/fstab, but if one of the users who doesn't have
>access to root wants to mount and edit... I was
>thinking of using a script that runs using SUID root,
>but it seems insecure. So, how could I make it so a
>user could mount and edit a device without being root?

You could:

    sysctl -w vfs.generic.usermount=1

But by doing this you are opening a can of worms:

1. mounting corrupted filesystems can lead to crashes.
2. a user can create a setuid binary on another system and run it on yours
3. a user can create a device [such as a raw disk] on his filesystem and
   thus get access to your devices.

For 2,3 you can use an amd map that mounts nodev,nosuid and for 1, you
can use the amd mount command to force an fsck. Not very nice but...

christos