[Slackbuilds-users] HAL 'plugdev' system-group (ivman/pmount)
Menno Duursma
druiloor at zonnet.nl
Thu May 17 10:09:07 UTC 2007
Alan Hicks wrote:
>> I'd say it all hinges on security. If a normal user mounts a CD, the
>> fstab applies all kinds of restrictions to it (or should). OTOH, I have
>> no idea if we were to reuse "cdrom" if someone could come along with a
>> stick of flash memory with a setuid root binary, stick it in, and run
>> it. Or, if the setuid bits would be removed.
pmount defaults to ignoreing them, thus this shouldn't be an issue; i.e.:
/dev/sda1 on /media/sda1 type vfat
(rw,noexec,nosuid,nodev,quiet,shortname=mixed,uid=1007,gid=104,umask=007)
> Well, the admin is going to have to setup fstab for this anyhow, right?
No, that's the point.
It still allows for admins to setup fstab though (just scrap pmount)
dbus/hal/ivman can still be used to trigger a 'normal' mount:
http://www.linux.com/article.pl?sid=06/07/26/2129232
> (Or does HAL somehow screw with that?
Nope. ('pmount' does :-))
-Menno.
More information about the Slackbuilds-users
mailing list