Re: mounting loopback as non-root user

• Previous message: hanasaki: "Re: OO1.1 fails to start"
• In reply to: Jan Minar: "Re: mounting loopback as non-root user"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

To: Jan Minar <Jan.Minar@seznam.cz>
Date: Tue, 30 Dec 2003 18:38:30 -0600

On Tue, 2003-12-30 at 14:20, Jan Minar wrote:
> On Tue, Dec 30, 2003 at 02:57:24PM -0500, Paul Morgan wrote:
> > On Tue, 30 Dec 2003 12:09:37 -0600, Rob Benton wrote:
> >
> > > I guess I've never payed much attention to this until today but you have
> > > to be root to mount with the -o loop option. At least on my machine I
> > > do. Mount has the suid bit set. Is there some way I can allow non-root
> > > users to mount loop devices?
> >
> > Just off the top of my head, I think that it's probably a bad idea to
> > give a user the direct ability to mount on a loop device. How do you
> > control what the user mounts? It's an invitation to figure out how to
> > build an fs image with an suid binary on it and root your system,
>
> mount -o nosuid,nodev
>
> --there's no difference between a loop device and any other device.
> There's the same problem with removable media, network shares, etc.
> It's just mount(8) will not accept `-o' switch from a non-root user.
>
> And don't think it's of no use: Anywhere superuser can use the loop
> device (encryption, fs-images, games, simulation, ...) mere users would
> use it, too. It's even cumbersome sometimes to do these things as root.

Ok I knew there was probably a reason. In this case I'm the only one
mounting and I'm the only user on my system so it would just be to save
me some extra keystrokes. I'll probably sudo it since I have apt set up
that way, too.

-- 
To UNSUBSCRIBE, email to debian-user-request@lists.debian.org 
with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org

• Previous message: hanasaki: "Re: OO1.1 fails to start"
• In reply to: Jan Minar: "Re: mounting loopback as non-root user"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Relevant Pages Re: mounting loopback as non-root user ... >> I guess I've never payed much attention to this until today but you have ... > give a user the direct ability to mount on a loop device. ... --there's no difference between a loop device and any other device. ... It's even cumbersome sometimes to do these things as root. ... (Debian-User) Re: Xiaou2 Challenged: was: Okay fill me in whats been happening.... ... I'll pick you up and dump you on your head. ... you on your head, mount you, slap you in the face and put you to sleep. ... (rec.martial-arts) Re: UFS Bug: FreeBSD 6.1/6.2/7.0: MOKB-08-11-2006, CVE-2006-5824, MOKB-03 ... They can simply mount a filesystem with any number of SUID ... root binaries on it and have their way with the box. ... They have physical access to the machine. ... (FreeBSD-Security) 2.6 kernel NFS root mount problem ... I'm tying to run 2.6.18 kernel on ARM AT91RM9200DK board with NFS mount ... usb usb1: Product: AT91 OHCI ... Unable to mount root fs via NFS, ... (Linux-Kernel) NFS root mount problem ... I'm tying to run 2.6.18 kernel on ARM AT91RM9200DK board with NFS mount ... usb usb1: Product: AT91 OHCI ... Unable to mount root fs via NFS, ... (Linux-Kernel)