Re: Mounting of removable media - security problem ?
On Mon, 6 Oct 1997, Remco Blaakmeer wrote:
> There already is a solution to this. There is a group named 'floppy' you
> can use for this. If only users that are in the 'floppy' group (and root)
> can (u)mount the floppy device and only users that are logged in at the
> console are in group 'floppy', I think your problem is solved.
> Here is how to do this:
> In /etc/login.defs, add the group 'floppy' to the value of the
> 'CONSOLE_GROUPS' variable. I think it is there by default, but I am not
> sure. Now, execute these commands as root:
> # cd /dev
> # chown root.floppy fd*
> # chmod 660 fd*
> Now, if somebody logs in at the console he/she is in group 'floppy' (check
> this with the 'groups' command) and a user that is not logged in from the
> console has no access to the floppy drive (check this, too).
It really works, however there is another small problem. I'm maintaining
two debian systems, and "/etc/login.defs" exists only in one of them (the
one with installed shadow passwords).
Is the existence of /etc/login.defs associated with shadow passwords
How to install shadow passwords on "living" debian linux?
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
Trouble? e-mail to firstname.lastname@example.org .