[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Erase cache, clean registry in Linux

On Sat, Nov 29, 2008 at 11:53:28AM -0800, Kelly Clowers wrote:
> On Sat, Nov 29, 2008 at 09:41, lee <lee@yun.yagibdah.de> wrote:
> > On Fri, Nov 28, 2008 at 09:11:11PM -0800, Kelly Clowers wrote:
> >> On Thu, Nov 27, 2008 at 00:36, lee <lee@yun.yagibdah.de> wrote:

> >> > How do I turn it off? I don't want anything to be mounted
> >> > automatically or semi-automatically! Only root can do that --- if
> >> > gnome tries to circumvent that, that is a huge security hole and a
> >> > bug.

> > It's an incredibly huge security hole. It's breaking the whole concept
> > of having different users with different permissions.
> 
> No, it just means that users have permission to mount whatever
> is in fstab with the user/users options. That has been in Unix for
> a long time.
 
> > Besides, without correct mounting and unmounting, there's no way to
> > make sure that all data has been written to the device which is about
> > to be removed. You can't do that on windoze either, it will eventually
> > complain and/or be messed up so that you need to reboot, though it
> > sometimes works. And it's awfully slow with removable devices/media.

> > And you don't have any control over your data anymore ...
 
> Well, I like extensive control of my computer, and I like as much info
> and as many options as possible, which is why I use Debian Linux
> with a WM, not a Desktop Environment, and no Display Manager.

You can also have fine-grained controll yet let users do specific
things, in a few different ways.

If a filesystem (e.g. user X's thumb-drive) has a UUID, and you put that
UUID (instead of a normal device name) in fstab, then only that UUID
device can be mounted, but by any user (who happens to have user X's
thumb drive).  

There's a way to only allow a user to mount a drive to a mount point
that they own.  I don't know if you could have, e.g. ~/mnt as a mount
point in fstab for thumb drives.  In that case, you could require users
to put a filesystem label of e.g. "thumb" so that any user can mount
their thumb drive under ~/mnt (or perhaps ~/thumb).

Or, you could use sudo and give specific commands related to mounting
that each user can do.

There are more options.

Doug.
Reply to: