jfh@rpp386.cactus.org (John F Haugh II) (06/03/91)
In article <1991Jun2.014516.29451@nntp.hut.fi> jkp@cs.HUT.FI (Jyrki Kuoppala) writes:
>I'd suppose that floppies on a Sun are used mostly to transfer data to
>some other kinds of computers, writing some personal files with tar,
>using MS-LOSS tools or something like that, not mounting them. Making
>the floppy device unreadable would make it useless for this purpose.
>
>Suggested fix: don't mount the floppy in the first place.

Better Suggested Fix: Write a little utility which will change the
ownership of the floppy disk from some standard UID that you make up
to own the device to the real UID of the invoker. Something like this -
--
#if 0
cc -o checkin -DHAVE_FUSER checkinout.c
touch /etc/checkinout
cp checkin /usr/local/bin
ln /usr/local/bin/checkin /usr/local/bin/checkout
chown root /usr/local/bin/checkin
chmod 400 /etc/checkinout
chmod 4711 /usr/local/bin/checkin
exit 0
#endif
/*
 * checkinout.c - manage a sharable device
 *
 * You must define the HAVE_FCHOWN macro on the compile command
 * line if you have the fchown() system call.
 * Otherwise don't bother using this thing because it can let
 * anyone change the ownership of any file (more or less ...)
 * It is only safe without HAVE_FCHOWN if you have no writable
 * directories on the root partition (which should be the only
 * place with files owned by UNUSED_NAME) and if your system
 * does not have symbolic links.
 *
 * You should define the HAVE_FUSER macro if you have the fuser
 * command. It will be used to clean the device before giving
 * it to you.
 *
 * To compile and install this source code, feed to /bin/sh
 * as root.
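*/

/*
 * Review notes on this listing:
 *
 * - The HAVE_FCHOWN branch ended with fchown (fd, 0), which has the
 *   wrong number of arguments.  The non-fchown branch does
 *   chmod (argv[1], 0) at the same point, so the call is taken to be
 *   a typo for fchmod (fd, 0) and is written that way here.
 *
 * - The program name is now taken after the LAST '/' of argv[0]
 *   (strrchr).  With strchr, an invocation by full path such as
 *   /usr/local/bin/checkin never matched "checkin" or "checkout".
 *
 * - The device list lookup records a match in a flag.  Testing
 *   feof() afterwards also rejected a matching last line that has
 *   no trailing newline.
 *
 * - fuser is started with fork/execvp and a fixed PATH instead of
 *   sprintf + system().  The binary is installed setuid root, and
 *   system() hands a formatted string to /bin/sh together with the
 *   invoker's environment; the fixed-size sprintf buffer goes away
 *   as well.
 *
 * - The install recipe at the top of the file compiles with
 *   -DHAVE_FUSER only.  That selects the stat/chown/chmod path, which
 *   the header comment describes as safe only without symbolic links
 *   and without writable directories on the root partition.  Add
 *   -DHAVE_FCHOWN wherever fchown() is available.
 */

#include <sys/types.h>
#include <sys/stat.h>
#include <sys/wait.h>
#include <errno.h>
#include <fcntl.h>
#include <pwd.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <unistd.h>

#define	UNUSED_NAME	"share"
#define	SHARE_FILES	"/etc/checkinout"

/*
 * usage - print the two accepted command forms and exit with status 1.
 */
static void
usage (void)
{
	fprintf (stderr, "usage:\tcheckin <device>\n\tcheckout <device>\n");
	exit (1);
}

#ifdef	HAVE_FUSER
extern	char	**environ;

/*
 * run_fuser - run "fuser -k <device>" and wait for it to finish.
 *
 * Best effort, as in the original: a failure to start or run fuser
 * does not change the exit status of the program.  Standard output
 * is sent to /dev/null, which is what the original ">> /dev/null"
 * redirection did.
 */
static void
run_fuser (char *device)
{
	/*
	 * The child gets this environment and nothing from the invoker,
	 * so the lookup of "fuser" is confined to these directories.
	 * NOTE(review): the directory list is an assumption about where
	 * fuser is installed - adjust it for the local system.
	 */
	static char *clean_env[] = {
		"PATH=/bin:/usr/bin:/sbin:/usr/sbin:/etc",
		NULL
	};
	char	*args[4];
	pid_t	pid;
	int	status;
	int	nullfd;

	args[0] = "fuser";
	args[1] = "-k";
	args[2] = device;
	args[3] = NULL;

	/* keep buffered output from being written twice after fork() */
	fflush (stdout);
	fflush (stderr);

	pid = fork ();
	if (pid < 0) {
		perror ("fork");
		return;
	}
	if (pid == 0) {
		nullfd = open ("/dev/null", O_WRONLY|O_APPEND);
		if (nullfd < 0)
			_exit (127);

		if (nullfd != 1) {
			(void) dup2 (nullfd, 1);
			(void) close (nullfd);
		}
		environ = clean_env;
		execvp (args[0], args);
		perror (args[0]);
		_exit (127);
	}
	while (waitpid (pid, &status, 0) < 0 && errno == EINTR)
		;
}
#endif	/* HAVE_FUSER */

/*
 * main - check a shared device in or out.
 *
 * The action comes from the name the program is invoked under:
 * "checkin" changes the owner of the device from the invoker to
 * UNUSED_NAME, "checkout" changes it from UNUSED_NAME to the invoker.
 * Either way the device must be listed, one name per line, in
 * SHARE_FILES, and its mode is set to 0 after the ownership change.
 * A real UID of 0 skips the ownership checks.
 *
 * Exits 0 on success and 1 on any error.
 */
int
main (int argc, char **argv)
{
	struct	passwd	*pwd;
	struct	stat	sb;
	/* initialised only to keep compilers quiet; usage () never returns */
	enum	{ in, out } in_out = in;
	char	*cp;
	char	*Prog;
	char	buf[BUFSIZ];
	FILE	*valid;
	int	found = 0;
#ifdef	HAVE_FCHOWN
	int	fd;
#endif

	if (argc != 2)
		usage ();

	/* basename of argv[0]: everything after the last '/' */
	if ((Prog = strrchr (argv[0], '/')) != NULL)
		Prog++;
	else
		Prog = argv[0];

	if (strcmp ("checkin", Prog) == 0)
		in_out = in;
	else if (strcmp ("checkout", Prog) == 0)
		in_out = out;
	else
		usage ();

	if (! (valid = fopen (SHARE_FILES, "r"))) {
		fprintf (stderr, "no list of shared devices in %s\n",
			SHARE_FILES);
		exit (1);
	}

	/* the device must match one line of the list exactly */
	while (fgets (buf, sizeof buf, valid)) {
		if ((cp = strchr (buf, '\n')) != NULL)
			*cp = '\0';

		if (strcmp (argv[1], buf) == 0) {
			found = 1;
			break;
		}
	}
	(void) fclose (valid);

	if (! found) {
		fprintf (stderr, "unknown device: %s\n", argv[1]);
		exit (1);
	}
	if ((pwd = getpwnam (UNUSED_NAME)) == 0) {
		fprintf (stderr, "no sharable device owner\n");
		exit (1);
	}

#ifdef	HAVE_FCHOWN
	/*
	 * Open once, then check and change through the descriptor, so
	 * the object that was checked is the object that is changed.
	 */
	if ((fd = open (argv[1], O_RDONLY|O_NDELAY)) < 0) {
		perror (argv[1]);
		exit (1);
	}
	if (fstat (fd, &sb)) {
		perror (argv[1]);
		exit (1);
	}
	if (in_out == in && sb.st_uid != getuid () && getuid () != 0) {
		fprintf (stderr, "device not owned by invoker\n");
		exit (1);
	}
	if (in_out == out && sb.st_uid != pwd->pw_uid && getuid () != 0) {
		fprintf (stderr, "device not owned by %s\n", UNUSED_NAME);
		exit (1);
	}
	if (fchown (fd, in_out == in ? pwd->pw_uid : getuid (), sb.st_gid)) {
		perror (argv[1]);
		exit (1);
	}
	/* was fchown (fd, 0); see the review notes at the top */
	if (fchmod (fd, 0)) {
		perror (argv[1]);
		exit (1);
	}
	close (fd);
#else
	/*
	 * Path-based variant.  The name is resolved again by each call,
	 * so the file can be replaced between stat () and chown ();
	 * the header comment gives the conditions under which the
	 * author considers this acceptable.
	 */
	if (stat (argv[1], &sb)) {
		perror (argv[1]);
		exit (1);
	}
	if (in_out == in && sb.st_uid != getuid () && getuid () != 0) {
		fprintf (stderr, "device not owned by invoker\n");
		exit (1);
	}
	if (in_out == out && sb.st_uid != pwd->pw_uid && getuid () != 0) {
		fprintf (stderr, "device not owned by %s\n", UNUSED_NAME);
		exit (1);
	}
	if (chown (argv[1], in_out == in ? pwd->pw_uid : getuid (), sb.st_gid)) {
		perror (argv[1]);
		exit (1);
	}
	if (chmod (argv[1], 0)) {
		perror (argv[1]);
		exit (1);
	}
#endif

#ifdef	HAVE_FUSER
	run_fuser (argv[1]);
#endif
	exit (0);
}
--
John F. Haugh II | Distribution to | UUCP: ...!cs.utexas.edu!rpp386!jfh
Ma Bell: (512) 255-8251 | GEnie PROHIBITED :-) | Domain: jfh@rpp386.cactus.org
"If liberals interpreted the 2nd Amendment the same way they interpret the
rest of the Constitution, gun ownership would be mandatory."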