From: Gilboa Davara (gilboad_at_nonexisting.hamakor.org.il)
Date: Thu 19 Jan 2006 - 19:37:43 IST
On Thu, 2006-01-19 at 19:04 +0200, Efraim Yawitz wrote:
>
> On Thu, 19 Jan 2006, Tzafrir Cohen wrote:
>
> >
> > You don't need to be root to create a tar file with device files in it.
> > This is merely writing a tar file.
> >
> > You do need to be root (or otherwise priviliged) to mknod. Generating
> > the device files as extracted from the tarball is the priviliged
> > operation.
>
> Right, this is the part I didn't try, and obviously tar has to call mknod to write the files, and the same with cp.
>
> How about the following, though? (This is what I thought of originally, actually.) I could make a ext2fs on a loop-mounted file and create the devices there with world read/writeability, and then burn this filesystem onto a CD with cdrecord. If a system allows user-mounting of CD's, then I have those device files available. What's the catch?
>
> Ephraim
Umm.... mounting loop device is limited to root for a good reason.
Once a user had loop mount capability, it's much easier for him to mount
a modified FS where all the sbin utilities are suided...
A secure system gives users *very* limited mount capabilities.
Gilboa
=================================================================
To unsubscribe, send mail to linux-il-request_at_linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request_at_linux.org.il
This archive was generated by hypermail 2.1.7 : Thu 19 Jan 2006 - 19:50:29 IST