> > I think it would be most intuitive for users if we can manage to have
the
> > floppy automounted when it is inserted and autounmounted when removed.
Dirty
> > data needs to be flushed expediently for this to work well.
>
> And what user owns the floppy ? Everybody who is logged in?
> Can anybody write to it? Can everybody write to it.
>
I think this is the minimal issue in this case. The best option would
be that when using the automatic floppy handing to set the floppy
read/writing rights to the users logged into the console and root. After
that the other ok option is to just allow access on the floppy based on the
device and floppy filesystem permissions. On floppy filesystems that lack
permissions it becomes even easier as only the permissions on the device or
those set through /etc/fstab would matter.
> It the user who put the floppy in the drive stores some sensitive
> data (X.509 certificates come to mind) who can read it?.
>
The floppy device is already inheritly insecure. Even if you tried to
secure your files on the floppy with some other username I could easily just
take that floppy to some other machine where I can log in as root and access
your floppy files from there. As for securing the files while you are using
the floppy from other telneted users well permissions could be set on the
filesystem you are using on the floppy or you could mount the floppy
manually or other workarounds. The idea is to have the workaround for the
rare cases such as the one you state above and simplify the interaction for
the common cases. Furthermore the automatic floppy handling is mainly meant
for single user machines.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Fri Jun 23 2000 - 21:00:21 EST