Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!devnull!lance
From: lance@mpd.tandem.com (Lance Hartmann)
Newsgroups: comp.unix.amiga
Subject: Re: interesting feature on AMIX..
Summary: Non-root-user mounting floppy filesystem
Keywords: MOUNT FLOPPY SECURITY
Message-ID: <319@devnull.mpd.tandem.com>
Date: 20 Jun 91 19:20:55 GMT
References: <13706@mentor.cc.purdue.edu> <1991Jun19.204906.19339@dvorak.amd.com> <1991Jun20.165331.4604@convex.com>
Sender: news@devnull.mpd.tandem.com
Organization: Tandem Computers (MPD) Austin, TX
Lines: 26

In article <1991Jun20.165331.4604@convex.com> swarren@convex.com (Steve Warren) writes:
>In article <1991Jun19.204906.19339@dvorak.amd.com> tim@amd.com (Tim Olson) writes:
>>File systems should only be mountable by root. Allowing a user to
>>mount a floppy would be a big security hole.
>
>[STUFF DELETED]
>Every inode would be scanned to make sure that nothing on the floppy violated
>the privileges of the user. If anything bogus showed up then the system
>would refuse to mount it....
>[REMAINDER DELETED]

Forgive my ignorance, but what do you mean by "scanning the inodes"? Yes,
I know what an inode is, but I'm curious as to your procedure. I guess you
could read the raw floppy device, check the super block, etc. before
mounting, but is there an EASY, KNOWN way for checking the stat's of the raw
contents? For example, you'd certainly want to make sure that there weren't
ANY files with setuid/setgid bits set (particularly, root owned!). I know
that all the info would be there, but am wondering how easy/difficult it
would be to do this....

--
Lance G. Hartmann - cs.utexas.edu!devnull!lance (Internet)
-------------------------------------------------------------------------------
DISCLAIMER: All opinions/actions expressed herein reflect those of my VERY OWN
and shall NOT bear any reflection upon Tandem or anyone else for that matter.
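
Added example, not part of the original post or of AMIX: a sketch of the pre-mount check the thread describes, run over an i-list that has already been read from the raw device. It assumes the classic 64-byte System V (s5) on-disk inode with big-endian fields (mode at offset 0, uid at offset 4); the function names and the refusal policy (setuid, setgid, device nodes, files not owned by the mounting user) are illustrative choices, and locating the i-list from the superblock is left out.

```c
#include <stddef.h>
#include <stdio.h>

/* Assumed layout: classic 64-byte System V (s5) on-disk inode, big-endian. */
#define DINODE_SIZE 64
#define S5_IFMT  0170000
#define S5_IFCHR 0020000
#define S5_IFBLK 0060000
#define S5_ISUID 0004000
#define S5_ISGID 0002000

enum { BAD_SUID = 1, BAD_SGID = 2, BAD_DEVICE = 4, BAD_OWNER = 8 };

static unsigned be16(const unsigned char *p) { return ((unsigned)p[0] << 8) | p[1]; }

/* Bitmask of reasons to refuse one on-disk inode; 0 means acceptable. */
int check_dinode(const unsigned char *ino, unsigned mount_uid)
{
    unsigned mode = be16(ino);      /* di_mode at offset 0 */
    unsigned uid = be16(ino + 4);   /* di_uid at offset 4 */
    int why = 0;

    if (mode == 0) return 0;        /* unallocated inode */
    if (mode & S5_ISUID) why |= BAD_SUID;
    if (mode & S5_ISGID) why |= BAD_SGID;
    if ((mode & S5_IFMT) == S5_IFCHR || (mode & S5_IFMT) == S5_IFBLK)
        why |= BAD_DEVICE;          /* device nodes bypass /dev permissions */
    if (uid != mount_uid) why |= BAD_OWNER;  /* includes root-owned files */
    return why;
}

/* Scan a whole i-list; returns the number of refused inodes, -1 if truncated. */
int scan_ilist(const unsigned char *buf, size_t len, unsigned mount_uid)
{
    size_t i;
    int bad = 0;

    if (len % DINODE_SIZE) return -1;
    for (i = 0; i < len / DINODE_SIZE; i++)
        if (check_dinode(buf + i * DINODE_SIZE, mount_uid)) bad++;
    return bad;
}

int main(void)
{
    /* Constructed sample: inode 1 free, inode 2 a setuid-root file (0104755). */
    unsigned char ilist[2 * DINODE_SIZE] = {0};
    ilist[64] = 0x89; ilist[65] = 0xED;
    printf("%d inode(s) refused\n", scan_ilist(ilist, sizeof ilist, 100));
    return 0;
}
```

A mount wrapper would refuse the floppy whenever `scan_ilist` returns anything other than 0.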