Re: [opensuse] fstab: umount as user

On Tuesday 09 October 2007 11:23:56 G T Smith wrote:
Anders Johansson wrote:
On Monday 08 October 2007 10:54:41 G T Smith wrote:
Anders Johansson wrote:
On Sunday 07 October 2007 14:23:50 G T Smith wrote:
Unfortunately if you can disconnect a resource, you can also reconnect
something else at the same point, and that could be a security issue.
If the location is taken it makes it more difficult (but not
impossible) to hijack.

No you can't, because linux will only allow you to mount things as a
user when permission is explicitly given in fstab. Which means the
worst they could do is remount the same resource

If you think this is wrong, please give a concrete example of how it
could be done

<snip something about home directories on samba shares>

Obviously your scenario is just wrong.

I think you need to do a little research into both AD and NDS and some
Network Operating System concepts.... You are thinking server and
machine centric not network centric... e.g. NT user accounts are
frequently dynamically created on the local machine on login and the
account removed on logout, accounts and their settings exist on the
network NOT the machine (I am unaware of anything similar on *NIX). The
approach has its problems but works well enough...

Been there, done that, used automount, which is capable of using dynamic share
names, worked perfectly - no need to create home directories on each machine,
no need for local root access

--
To unsubscribe, e-mail: opensuse+unsubscribe@xxxxxxxxxxxx
For additional commands, e-mail: opensuse+help@xxxxxxxxxxxx

Relevant Pages

  • Re: [opensuse] fstab: umount as user
    ... <snip something about home directories on samba shares> ... Network Operating System concepts.... ... accounts and their settings exist on the ... network NOT the machine (I am unaware of anything similar on *NIX). ...
    (SuSE)
  • Re: Script help
    ... Network administration is always a ... If these are, in fact, writing lab computers, and students have their files ... shared on a server somewhere on campus, then yes, individual accounts are ... >> need the script, just log on the account and add the printer, followed by ...
    (microsoft.public.windows.server.scripting)
  • Re: [opensuse] fstab: umount as user
    ... Network Operating System concepts.... ... accounts and their settings exist on the ... Secondly, one single mount point for all users is just bad, it won't work. ... If A is member of group 2 they can use resource VI when they log in... ...
    (SuSE)
  • Re: Peer to Peer Security in WindowsXP Pro.
    ... I have limited my network shares to Authorized ... I have been unable to share encrypted files over the network. ... can't be shared peer to peer. ... Create user accounts on Computer A that match the ...
    (microsoft.public.windowsxp.security_admin)
  • RE: SIDS show instead of user names
    ... I'd like to make sure the sid can be resolved at the same time you see SID ... As far as the accounts being deleted in AD, ... Go to Capture --> Networks to choose the correct network card by ...
    (microsoft.public.win2000.active_directory)