On Tue, 30 Dec 2003 12:09:37 -0600, Rob Benton wrote: > I guess I've never payed much attention to this until today but you have > to be root to mount with the -o loop option. At least on my machine I > do. Mount has the suid bit set. Is there some way I can allow non-root > users to mount loop devices?
Just off the top of my head, I think that it's probably a bad idea to give a user the direct ability to mount on a loop device. How do you control what the user mounts? It's an invitation to figure out how to build an fs image with an suid binary on it and root your system, i.e. it's probably a very large security hole, maybe as large as simply emailing the user the root password. As I say, this is just off the top of my head, and maybe I'm wrong, but the idea seems dangerous to me. -- ....................paul It's working as coded. -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
