Path: utzoo!utgpu!news-server.csri.toronto.edu!rpi!zaphod.mps.ohio-state.edu!swrinde!cs.utexas.edu!convex!swarren
From: swarren@convex.com (Steve Warren)
Newsgroups: comp.unix.amiga
Subject: Re: Secure floppy filesyetms (was Re: interesting feature on AMIX..)
Message-ID: <1991Jun24.000800.28879@convex.com>
Date: 24 Jun 91 00:08:00 GMT
References: <319@devnull.mpd.tandem.com> <1991Jun21.031301.7238@metapro.DIALix.oz.au> <dillon.8977@overload.Berkeley.CA.US>
Sender: usenet@convex.com (news access account)
Organization: CONVEX Computer Corporation, Richardson, Tx., USA
Lines: 14
Nntp-Posting-Host: neptune.convex.com

In article <dillon.8977@overload.Berkeley.CA.US> dillon@overload.Berkeley.CA.US (Matthew Dillon) writes:
>    There is no way to secure a floppy.  The user could easily put a setuid
>    root executable on it and then it would not really matter *where* it
>    is mounted.

The utility that calls mount would not allow a disk with setuid root
executables on it.  Since the Amiga knows when a floppy is ejected, it should
be possible to note such action and unmount the filesystem upon ejecting the
disk.  This would preclude mounting-and-swapping to get around security.
--
            _.
--Steve   ._||__
  Warren   v\ *|
             V