Mounting floppies

DAVID NEWALL ccdn at levels.sait.edu.au
Fri Dec 2 05:20:50 AEST 1988


In article <7606 at orstcs.CS.ORST.EDU>, hakanson at mist.cs.orst.edu (Marion Hakanson) writes:
> In article <8800002 at gistdev> flint at gistdev.UUCP writes:
>>I think it would be nice to have an option on mount that would basically say
>>"If the suid or guid bits are set on any files not owned by me, then clear the
>>bits and then mount the floppy."  Such an option could presumably be used
>>without your having to be the super-user: it might be extremely slow, but so
>>what?  Mounting a floppy is hardly a fast operation in the first place.
>
> [ explanations deleted ]
>
> /*
> ** $Header: mountpub.c,v 1.15 85/11/18 11:45:36 hakanson Exp $
> **
> ** Usage:
> **    mountpub [-fr] device directory
> **        -f  force clearing of bits (don't ask user).
> **        -r  read only filesystem (pass on to mount command).
> ** or:
> **    umountpub device
> **
> ** This program allows any user to mount/unmount devices to
> ** which the system administrator has allowed public access.
> ** It runs setuid to root, but will not give access to files,
> ** devices, or directories for which the user would not normally
> ** have permissions.
> **
> ** The main thing mountpub does is to check the contents of
> ** the filesystem being mounted to be sure that there are no
> ** setuid/setgid files that would give permissions that the
> ** caller does not already have.  Hence this makes it safer
> ** to allow the average user to mount filesystems.
> */

Gee, I don't know.  I wonder what would happen if the user "mountpub"ed
a floppy, and then replaced it with another disk that had setuid root
shells on it -- i.e., without unmounting the old disk?  Could be nasty...

--
David Newall                     Phone:  +61 8 343 3160
Unix Systems Programmer          Fax:    +61 8 349 6939
Academic Computing Service       E-mail: ccdn at levels.sait.oz.au
SA Institute of Technology       Post:   The Levels, South Australia, 5095
