Removable media security in FreeBSD

Brett Glass brett at lariat.org
Tue Jun 10 00:04:38 PDT 2003


At 05:21 PM 6/9/2003, Doug Barton wrote:
  
>On Mon, 9 Jun 2003, Brett Glass wrote:
>
>> Allowing the user to use sudo would effectively be giving him/her root
>> privileges, which we explicitly don't want to do.
>
>No it wouldn't. You can specify the commands that you allow each user to
>run. 

Ah, but letting the user mount and unmount things effectively lets that
person do anything he or she wants, by switching around what's mounted
at key mountpoints.

--Brett



More information about the freebsd-security mailing list