a mtools wrapper (slight better control)

[Mario Sergio Fujikawa Ferreira]

Hi,

        Here is my problem:

        I need to enable a group of workstations running XDM 
accesses to local disk floppies with FAT16/32 FS(es). Therefore, I
considered ports/emulators/mtools.
        All users will have access to the floppy drives.
        All workstations will permit remote shell emulation
(sshd,...).  Thus, there can be a local and several remote users
on all workstations.

        HOWEVER, I would like to only permit the local
logged user accesses to the floppy through mtools. I need this
because this lab is considered hostile environment and remote
users might try to be fun destroying other ppls floppy files.
Before, I get any complains I considered doing something.

        Here is what I though:

        1) Create user floppy, group floppy
        2) chown root:floppy /dev/fd0* 
        3) chmod 0660 /dev/fd0*
        4) write a wrapper replacing /usr/local/bin/mtools

        mtools -> /usr/local/bin/mtools_real
        wrapper -> /usr/local/bin/mtools

        The wrapper will:

        1) Sanitize the environment a la ports/x11/wrapper
        2) First, check if the user trying mtools is the user
locally logged through XDM. Second, I do not considered su (su from
any other user) users locally logged. Third, I am still deciding
the ruling about the remote logged with the same username (uid).
2nd and 3rd will depend on the ease to implement.
        3) The wrapper will be installed sugid

        chown root:floppy /usr/local/bin/mtools
        chmod 2005 /usr/local/bin/mtools

therefore, if (1) and (2) go well, the wrapper will run mtools_real
with the appropriate privileges.

        The workstations will be running FreeBSD 4.x-Stable
with XFree 4.0.2 from ports.

        The design seems fine, adding a simple, yet interesting
level of control over mtools. However, how does one achieve item
(2) of the wrapper design?

        1) getuid to get the user running the wrapper
        2) geteuid for additional checking
        3) get through PAM the user who logged through XDM
        4) crosscheck to see if running user match XDM user
        5) check if the running process associated terminal is not
a remote terminal (ssh, ...)
        6) check if this a su user

        The list came from a mental exercise. However, I
have no idea if this is feasible. Is this correct?  How do I do
3-6? What could I do differently?

        Hope this is not out of line, or plainly in the wrong
list.

        Regards,

-- 
Mario S F Ferreira - UnB - Brazil - "I guess this is a signature."
lioux at ( freebsd dot org | linf dot unb dot br )
flames to beloved [EMAIL PROTECTED]


To Unsubscribe: send mail to [EMAIL PROTECTED]
with "unsubscribe freebsd-hackers" in the body of the message