OK, gang, here's yet another thing that works fine under all
previous versions of Digital UNIX (up to and including 3.2c)
but which fails under 4.0d + patchkit#1 ...
People here have to read a lot of data off CDs, so instead of
giving everyone the root password, or setting the suid bit on
/usr/sbin/mount, we've been using a suid-root wrapper program,
which does nothing more than an execl() to do ...
    mount -t cdfs -o ro,nosuid,rrip,noversion /dev/cd /cd
Now, under 4.0d, when a non-root user attempts to do this, it
fails, giving the following message:
    mount: Can't load cdfs module
It's nothing weird about the wrapper program itself, though:
If I make mount setuid-root (which I *don't* want to do, for
the obvious reasons), and a non-root user tries mounting the
CD by issuing the above "mount" command directly, that fails
as well, in exactly the same way.
The mount() manpage does say that
    Except for [exceptions snipped] ... the calling
    process must have superuser privilege.
However, it looks like something deep down inside the bowels
of the kernel is now looking at the real uid, whereas prior
to 4.0d it looked at the effective uid.
I consider this a bug (if it's inadvertent) or else a serious
misfeature (if it's intentional). Are there any DECfolks who
might care to comment as to whether this change was supposed
to have happened with 4.0d, or whether it was an accident?
And, more important ... Other than giving everyone the root
password, how (if at all) *can* we permit people to mount and
unmount their own CDs under 4.0d?
Mark Bartelt 416/978-5619
Canadian Institute for mark_at_cita.utoronto.ca
Theoretical Astrophysics
http://www.cita.utoronto.ca/~mark
"Nur eine Waffel taugt!" -- Parsifal, in an Eggo commercial
Received on Tue May 19 1998 - 20:12:02 NZST
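
The real-versus-effective uid distinction raised in the post, as an added example that is not the poster's wrapper or any vendor code: a setuid-root wrapper that sets its real uid to 0 before exec, passes a fixed command line, and replaces the caller's environment. Whether this avoids the "Can't load cdfs module" failure on 4.0d is an assumption that follows from the poster's real-uid hypothesis and is untested; the names cdmount, cd_mount_argv and promote_real_uid and the PATH value are made up for the example.

```c
/* cdmount.c: added example, not the poster's wrapper.
 * Install root-owned, mode 4750, group limited to users allowed to mount CDs. */
#include <errno.h>
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

#define MOUNT_PATH "/usr/sbin/mount"   /* path as given in the post */

/* Fixed command line from the post; nothing from the caller's argv is used. */
static char *const mount_argv[] = {
    "mount", "-t", "cdfs", "-o", "ro,nosuid,rrip,noversion",
    "/dev/cd", "/cd", NULL
};

/* Constructed minimal environment: the caller's PATH, IFS, etc. never reach mount. */
static char *const clean_env[] = { "PATH=/sbin:/usr/sbin:/usr/bin", NULL };

char *const *cd_mount_argv(void) { return mount_argv; }

/* Make real uid == effective uid == 0 (the assumed workaround).
 * Returns 0 on success, -1 if the process lacks effective uid 0. */
int promote_real_uid(void)
{
    if (geteuid() != 0) {
        errno = EPERM;
        return -1;
    }
    if (setuid(0) != 0)   /* with euid 0 this sets real, effective and saved uid */
        return -1;
    return (getuid() == 0 && geteuid() == 0) ? 0 : -1;
}

int main(void)
{
    if (promote_real_uid() != 0) {
        fprintf(stderr, "cdmount: must be installed setuid-root: %s\n", strerror(errno));
        return 1;
    }
    execve(MOUNT_PATH, mount_argv, clean_env);
    fprintf(stderr, "cdmount: execve %s: %s\n", MOUNT_PATH, strerror(errno));
    return 127;
}
```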