Path: utzoo!attcan!uunet!ncrlnk!ncr-sd!hp-sdd!hplabs!gatech!mcdchg!heiby
From: heiby@mcdchg.chi.il.us (Ron Heiby)
Newsgroups: comp.unix.wizards
Subject: Re: Mounting floppies
Message-ID: <14598@mcdchg.chi.il.us>
Date: 18 Nov 88 23:25:19 GMT
References: <129@minya.UUCP>
Reply-To: heiby@mcdchg.chi.il.us (Ron Heiby)
Organization: Motorola Microcomputer, Schaumburg, IL
Lines: 34

John Chambers (jc@minya.UUCP) writes:
> This despite the fact that the /dev/dsk file has 666 permissions and
> /fd has 777 permissions. Only root can do a mount.
>
> This sorta interferes with users sticking a floppy in and saying
> to mount it.
>
> Is there
> some reason (other than bureaucratic perversity) that the Sys/V
> mount command won't do its job when the /dev and the directory
> have write permissions?

The reason you don't (in general) want a user to be able to mount an
arbitrary floppy is that once mounted, a.outs on it can be executed
and the suid and sgid bits will be honored. In the environment you
describe, I could format and mount a floppy, copy /bin/sh to it,
chown the sh to root, and unmount the floppy. Now, since the /dev
entry is mode 666, I can modify the inode of the copy of sh just put
onto the floppy to change its mode bits, turning on the suid bit.
Now, mounting the floppy again, I execute "my" copy of sh from the
floppy and I'm running with euid of 0. Not a pretty picture.

Note that AT&T's standard System V release has incorporated the
facility for user mounting of floppies for some time. Of course, the
way it was done for the releases of two years ago (when I left AT&T)
made it even easier to become root using that facility. Disable the
logins: checkfsys, makefsys, mountfsys, and umountfsys by changing the
password field to "NONE" for those four in the /etc/passwd file if you
have them. Do it now!

In your environment, where there are only one or two people using the
machine, this is probably no big deal. Do what you want. Your vendor
doesn't know ahead of time how you plan to use the system, though.
--
Ron Heiby, heiby@mcdchg.chi.il.us Moderator: comp.newprod
"There is a fine line between stupidity and cleverness." (This is Spinal Tap)
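
Added example, not part of the original post: a shell audit for the advice above about the four filesystem-helper logins. It reads a passwd-format file and reports any of checkfsys, makefsys, mountfsys or umountfsys whose password field is not "NONE"; the function name and the sample entries are constructed for illustration.

```sh
#!/bin/sh
# Added example (not from the original post). Function name and sample
# data are constructed for illustration.
FSYS_LOGINS="checkfsys makefsys mountfsys umountfsys"

# audit_fsys_logins FILE
# Prints "<login> <status>" for each of the four logins:
#   absent   - no entry in FILE
#   disabled - password field is the literal "NONE"
#   ENABLED  - some other non-empty password field
#   OPEN     - empty password field (login without a password)
# If a login appears more than once, the worst status is reported.
# Returns 0 when nothing is ENABLED or OPEN, 1 otherwise.
audit_fsys_logins() {
    awk -F: -v logins="$FSYS_LOGINS" '
        BEGIN { n = split(logins, want, " ")
                split("absent disabled ENABLED OPEN", label, " ") }
        /^#/ || NF < 2 { next }            # skip comments, malformed lines
        {
            s = ($2 == "NONE") ? 1 : (($2 == "") ? 3 : 2)
            if (s > rank[$1]) rank[$1] = s
        }
        END {
            bad = 0
            for (i = 1; i <= n; i++) {
                r = rank[want[i]] + 0
                print want[i], label[r + 1]
                if (r >= 2) bad = 1
            }
            exit bad
        }
    ' "$1"
}

# Constructed sample in /etc/passwd format (not from a real system).
sample=$(mktemp)
cat > "$sample" <<'EOF'
root:x:0:0:constructed:/:/bin/sh
checkfsys:NONE:0:0:constructed:/tmp:/bin/sh
makefsys::0:0:constructed:/tmp:/bin/sh
mountfsys:Xy3examplehash:0:0:constructed:/tmp:/bin/sh
EOF
audit_fsys_logins "$sample" || echo "action needed: set the password field to NONE"
rm -f "$sample"
```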