----- Original Message ----- > From: "Isaac Dunham" <ibid...@gmail.com> > I'm not sure where in the discussion this fits, but I thought I'd mention > it here: > Permitting all mount invocations via sudo does have a potential security > hole if your mount implementation supports FUSE, as you can run an arbitrary > command by specifying the mount type. > I don't think that sudo does the necessary steps to block this. > > If you use a wrapper script, you can make it automatically determine the > type and run ntfs-3g if appropriate, then allow sudo to run that. > If you use a C wrapper, you can do that and make it suid. > Another reason not to give users wholesale access to the mount command is that they could then 'mount -o remount,rw' any filesystem that the administrator has mounted read-only. To protect against this, I think you probably need something a bit more complicated than just sudo. Of course, for a single user system, this is not a problem.
-Rob _______________________________________________ Dng mailing list Dng@lists.dyne.org https://mailinglists.dyne.org/cgi-bin/mailman/listinfo/dng
