[Techtalk] Auto-mounting (WAS [Grrltalk] Misinformation in the
IT workplace)
Meredydd
meredydd at everybuddy.com
Thu Feb 26 18:56:16 EST 2004
On Thursday 26 February 2004 10:35, showercurtain wrote:
> I thought that floppy drives aren't auto-mounted by default because
> of security reasons and file permission-type stuff.
I don't really see how this could be a problem. The standard solution to
this is to force the disk to be mounted -o noexec (stop anyone
executing files on that filesystem), which prevents people from doing
things like inserting a floppy with a suid binary and gaining root
access that way.
> Now I use RedHat
> 8 and I'm wondering why that doesn't apply to the cdrom, ie: if I want
> to open a file on a floppy disk I have to mount the floppy, but I
> don't need to do that with the cd-rom.
Well, if the reason floppies aren't automounted is what I proposed
above, I'd guess that the cd-rom is forced to use the iso9660
filesystem, which does not (I don't think - feel free to prove me
wrong) support such a concept as suid executables. Floppies, by
contrast, often use filesystems such as ext2 which very much do.
Another thought has just occurred to me, by the way - how are you trying
to access said devices? If you're using your graphical environment (I
know KDE does this, I assume Gnome does), when you click on a "device"
icon, the desktop environment explicitly tries to mount the volume for
you. If this is the case, then you might want to look into whether
users are allowed by /etc/fstab to mount floppies explicitly on your
sytem.
Meredydd
More information about the Techtalk
mailing list