Re: How do I deny user to mount floppy, cdrom and usbstick ?

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

To: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
Subject: Re: How do I deny user to mount floppy, cdrom and usbstick ?
From: "H. Streit" <hstreit@xxxxxxxx>
Date: Wed, 09 Feb 2005 09:50:01 -0600
In-reply-to: <[email protected]>
List-archive: <https://www.redhat.com/archives/fedora-list>
List-help: <mailto:[email protected]?subject=help>
List-id: For users of Fedora Core releases <fedora-list.redhat.com>
List-post: <mailto:[email protected]>
List-subscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=subscribe>
List-unsubscribe: <http://www.redhat.com/mailman/listinfo/fedora-list>, <mailto:[email protected]?subject=unsubscribe>
References: <[email protected]> <[email protected]> <[email protected]>
Reply-to: For users of Fedora Core releases <fedora-list@xxxxxxxxxx>
User-agent: Mozilla/5.0 (X11; U; Linux i686; en-US; rv:1.7.5) Gecko/20041129

hm, maybe I'm just being a bit of a joykill, but if you don't want them to mount floppys, cdroms, and usbsticks, (and if they're not supposed to be mounting anything at all) couldn't you just root@localhost# chown root.root `which mount` && \ chmod go-rwx `which mount` And be done with it? Also, if the floppy, cdrom, and usbstick devices all belong to respective groups, couldn't you just rip the users out of the groups in the /etc/group file?

Paul Howarth wrote:

Thomas Cameron wrote:
----- Original Message ----- From: "Karl-Olov Serrander" <kase@xxxxxxxx>
To: <fedora-list@xxxxxxxxxx>
Sent: Wednesday, February 09, 2005 7:22 AM
Subject: How do I deny user to mount floppy, cdrom and usbstick ?
Running FC2/FC3 in a sensitive environment we need to deny ordinary
users the possibilty to read or write floppy/cdrom/usbsticks.
We need to be able to give som users/machines permissions to do nothing/read/write floppy/cdrom/usbsticks.
How can this be done ?
Regards
--
Karl-Olov Serrander kase@xxxxxxxx
I *think* you can turn off the floppy and cdrom in /etc/modprobe.conf with something like:
alias floppy off
alias cdrom off
I am not sure about USB...  Maybe:
alias usb-storage off
Another possibility might be to copy /usr/share/doc/hal-*/conf/storage-skip-all.fdi to /usr/share/hal/fdi/95userpolicy, which according to "man fstab-sync" (FC3) will ensure that no entries for storage devices will be added to /etc/fstab; with no entry there, users shouldn't be able to mount anything (I think).
Paul.

Follow-Ups:
- Re: How do I deny user to mount floppy, cdrom and usbstick ?
  - From: Craig White
- Re: How do I deny user to mount floppy, cdrom and usbstick ?
  - From: Paul Howarth

References:
- How do I deny user to mount floppy, cdrom and usbstick ?
  - From: Karl-Olov Serrander
- Re: How do I deny user to mount floppy, cdrom and usbstick ?
  - From: Thomas Cameron
- Re: How do I deny user to mount floppy, cdrom and usbstick ?
  - From: Paul Howarth

Prev by Date: Re: How do I deny user to mount floppy, cdrom and usbstick ?
Next by Date: Re: what's removing my cdrom link?
Previous by thread: Re: How do I deny user to mount floppy, cdrom and usbstick ?
Next by thread: Re: How do I deny user to mount floppy, cdrom and usbstick ?
Index(es):
- Date
- Thread

[Index of Archives] [Current Fedora Users] [Fedora Desktop] [Fedora SELinux] [Yosemite News] [Yosemite Photos] [KDE Users] [Fedora Tools] [Fedora Docs]

Powered by Linux