How can I mount a device without being logged in as root, without using
‘su’, or such? For instance, my QNX machine is used by multiple people;
often times they have a floppy disk they’d like to use, but lo and behold,
they can’t! Help?
Previously, Sir Charles wrote in qdn.public.qnxrtp.os:
How can I mount a device without being logged in as root, without using
‘su’, or such? For instance, my QNX machine is used by multiple people;
often times they have a floppy disk they’d like to use, but lo and behold,
they can’t! Help?
As a practical matter, if someone can read a floppy, they
can gain root. That stated, if you assume that your users
are not sophisticated enough to attack the system in this
manner, and you still want them to gain access to a floppy
without being root, I can suggest two methods. You could
turn on the “set ID on execution” bit of mount using chmod,
or you could create a root agent process that the user can
access for this purpose.
Mitchell Schoenbrun --------- maschoen@pobox.com
Sir Charles <nospam@chalz-of-internetusa.net> wrote:
: How can I mount a device without being logged in as root, without using
: ‘su’, or such? For instance, my QNX machine is used by multiple people;
: often times they have a floppy disk they’d like to use, but lo and behold,
: they can’t! Help?
It is a big security flaw for non-root to be allowed to perform a mount
(other UNIX-like OSs also insist on being root too).
You can make mount (and umount probably) setuid root if you want to change
this policy locally.
Or, since you mention floppy explicitly, you can mount filesystems on
this device at startup (when you are running as root); multiple mounts
on removable media are allowed, so doing (or similar)
mount -tqnx4 /dev/fd0 /fs/floppy-qnx4
mount -tdos /dev/fd0 /fs/floppy-dos
gives you two new filesystem mountpoints in the system which will auto-learn
based on the type of floppy currently inserted in the drive.
As a practical matter, if someone can read a floppy, they
can gain root. That stated, if you assume that your users
are not sophisticated enough to attack the system in this
manner, and you still want them to gain access to a floppy
without being root, I can suggest two methods. You could
turn on the “set ID on execution” bit of mount using chmod,
or you could create a root agent process that the user can
access for this purpose.
Okay, both of those describe processes I’m wholly unfamiliar with. If
you could point me to some docs on this matter, or if it’s simple enough to
explain, I’d greatly appreciate it.
–Charles
It is a big security flaw for non-root to be allowed to perform a mount
(other UNIX-like OSs also insist on being root too).
Okay, well, I’m interested in simply allowing family members access
floppies. I’m not in a network environment (except via 56k dialup, which is
rarely connected), and the people who would be using my system are less
familiar with QNX and *nixes in general than I am; and I haven’t a clue as
to how this is a security flaw 
You can make mount (and umount probably) setuid root if you want to change
this policy locally.
Locally, yeah. How would I do this? Could I make it apply such that
local users, who are of group 1000, can do it but remote users of group 2000
cannot?
Or, since you mention floppy explicitly, you can mount filesystems on
this device at startup (when you are running as root); multiple mounts
So, is this something that can be done via rc.local, then?
on removable media are allowed, so doing (or similar)
mount -tqnx4 /dev/fd0 /fs/floppy-qnx4
mount -tdos /dev/fd0 /fs/floppy-dos
gives you two new filesystem mountpoints in the system which will
auto-learn
based on the type of floppy currently inserted in the drive.
That’s interesting. Will this be valid even if no floppy is currently in
the drive? ie, can I run mount on /dev/fd0 without a floppy in, but once a
floppy is inserted, people can then access it? Or will it give an error
when attempting to mount without a disk in?
I really appreciate the help all!
–Charles
Previously, Sir Charles wrote in qdn.public.qnxrtp.os:
As a practical matter, if someone can read a floppy, they
can gain root. That stated, if you assume that your users
are not sophisticated enough to attack the system in this
manner, and you still want them to gain access to a floppy
without being root, I can suggest two methods. You could
turn on the “set ID on execution” bit of mount using chmod,
or you could create a root agent process that the user can
access for this purpose.Okay, both of those describe processes I’m wholly unfamiliar with. If
you could point me to some docs on this matter, or if it’s simple enough to
explain, I’d greatly appreciate it.
chmod a+s /bin/mount
This will cause mount to run as root even if the user starting
it is not.
2) This is more complicated. Here is a rough overkill approach
Agent process does the following
- Registers a name or attaches to name space
- Waits for messages
- Executes the contents of the messages using system()
Client process
- locates Agent process or opens name space.
- Sends a message with the command that it wants to execute as root
This would give your client the ability to do anything, which you probably
don’t want, so instead you probably should limit it.
Mitchell Schoenbrun --------- maschoen@pobox.com
Sir Charles wrote:
It is a big security flaw for non-root to be allowed to perform a mount
(other UNIX-like OSs also insist on being root too).
Okay, well, I’m interested in simply allowing family members access
floppies. I’m not in a network environment (except via 56k dialup, which is
rarely connected), and the people who would be using my system are less
familiar with QNX and *nixes in general than I am; and I haven’t a clue as
to how this is a security flaw >You can make mount (and umount probably) setuid root if you want to change
this policy locally.
Locally, yeah. How would I do this? Could I make it apply such that
local users, who are of group 1000, can do it but remote users of group 2000
cannot?Or, since you mention floppy explicitly, you can mount filesystems on
this device at startup (when you are running as root); multiple mounts
So, is this something that can be done via rc.local, then?on removable media are allowed, so doing (or similar)
mount -tqnx4 /dev/fd0 /fs/floppy-qnx4
mount -tdos /dev/fd0 /fs/floppy-dos
gives you two new filesystem mountpoints in the system which will
auto-learn
based on the type of floppy currently inserted in the drive.
That’s interesting. Will this be valid even if no floppy is currently in
the drive? ie, can I run mount on /dev/fd0 without a floppy in, but once a
floppy is inserted, people can then access it? Or will it give an error
when attempting to mount without a disk in?
I really appreciate the help all!–Charles
Mount with no floppy works fine. I put them in my rc.local file. There is a
slight delay during the startup, and when-ever you step into the / directory
with the FileMAnager (it is trying and timeing out the floppy read), but I think
that’s a small price for the convenience.
Phil Olynyk
Cool! Thank you very much, Mitchell 
–Charles
“Mitchell Schoenbrun” <maschoen@pobox.com> wrote in message
news:Voyager.010713155129.304F@schoenbrun.com…
Previously, Sir Charles wrote in qdn.public.qnxrtp.os:
As a practical matter, if someone can read a floppy, they
can gain root. That stated, if you assume that your users
are not sophisticated enough to attack the system in this
manner, and you still want them to gain access to a floppy
without being root, I can suggest two methods. You could
turn on the “set ID on execution” bit of mount using chmod,
or you could create a root agent process that the user can
access for this purpose.Okay, both of those describe processes I’m wholly unfamiliar with.
If
you could point me to some docs on this matter, or if it’s simple enough
to
explain, I’d greatly appreciate it.
1)chmod a+s /bin/mount
This will cause mount to run as root even if the user starting
it is not.
2) This is more complicated. Here is a rough overkill approachAgent process does the following
- Registers a name or attaches to name space
- Waits for messages
- Executes the contents of the messages using system()
Client process
- locates Agent process or opens name space.
- Sends a message with the command that it wants to execute as root
This would give your client the ability to do anything, which you probably
don’t want, so instead you probably should limit it.
Mitchell Schoenbrun --------- > maschoen@pobox.com
Shweet! Thanks Phil, John
“Phil Olynyk” <pholynyk@home.com> wrote in message
news:3B504750.C387F6C3@home.com…
Sir Charles wrote:
It is a big security flaw for non-root to be allowed to perform a
mount
(other UNIX-like OSs also insist on being root too).
Okay, well, I’m interested in simply allowing family members access
floppies. I’m not in a network environment (except via 56k dialup,
which is
rarely connected), and the people who would be using my system are less
familiar with QNX and *nixes in general than I am; and I haven’t a clue
as
to how this is a security flaw >You can make mount (and umount probably) setuid root if you want to
change
this policy locally.
Locally, yeah. How would I do this? Could I make it apply such that
local users, who are of group 1000, can do it but remote users of group
2000
cannot?Or, since you mention floppy explicitly, you can mount filesystems on
this device at startup (when you are running as root); multiple mounts
So, is this something that can be done via rc.local, then?on removable media are allowed, so doing (or similar)
mount -tqnx4 /dev/fd0 /fs/floppy-qnx4
mount -tdos /dev/fd0 /fs/floppy-dos
gives you two new filesystem mountpoints in the system which will
auto-learn
based on the type of floppy currently inserted in the drive.
That’s interesting. Will this be valid even if no floppy is
currently in
the drive? ie, can I run mount on /dev/fd0 without a floppy in, but
once a
floppy is inserted, people can then access it? Or will it give an error
when attempting to mount without a disk in?
I really appreciate the help all!–Charles
Mount with no floppy works fine. I put them in my rc.local file. There is
a
slight delay during the startup, and when-ever you step into the /
directory
with the FileMAnager (it is trying and timeing out the floppy read), but I
think
that’s a small price for the convenience.Phil Olynyk