[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: at-boot smbmount security.



On Tue, Aug 14, 2001, Oleg Goldshmidt wrote about "Re: at-boot smbmount security.":
> But when KDE (or a user) issues "mount /mnt/floppy" mount(8) needs to
> look into /etc/fstab to see how to do it (options etc), right?

[I think I'm starting to repeat myself...]

Right, but mount is setuid root, and so has absolute power and can read an
unreadable /etc/fstab, as well as mount some things even as non-root (see
"user" and "owner" in the mount(8) manual). Obviously, mount refuses to
do most mounts when it sees the user using it is not root.

Think of this (mount /mnt/floppy) as some service the superuser decided to
give all users (or the user owning /dev/fd0 - Redhat's xdm chowns it on
login). The fact that the superuser allows the user this "privilige" does
not mean that the user should be able to know exactly what he is allowed.
He can do mount /mnt/floppy, but not know exactly what options are used
(only the superuser will know that). That's life (or rather, Unix).

Please, try it out yourself. Do 'chmod o= /etc/fstab', and see that
'mount /mnt/floppy', mount (without parameters), df, mv, and whatever else
you can think of, should work. Whatever does not work, is buggy and can
be fixed.

-- 
Nadav Har'El                        |         Tuesday, Aug 14 2001, 25 Av 5761
nyh@math.technion.ac.il             |-----------------------------------------
Phone: +972-53-245868, ICQ 13349191 |How to become immortal: Read this
http://nadav.harel.org.il           |signature tomorrow and follow its advice.

=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il