chown jtwdyp: /dev/hda8 /dev/hda9 /dev/hda10 [fstab: owner, noauto]

Tez binary_y2k2 at blueyonder.co.uk
Tue Mar 13 22:54:31 UTC 2007 

Joe(theWordy)Philbrook wrote:
> -----BEGIN PGP SIGNED MESSAGE-----
> Hash: SHA1
>
> It would appear that on Mar 13, Daniel Pittman did say:
>
>   
>> "Joe(theWordy)Philbrook" <jtwdyp at ttlc.net> writes:
>>
>>     
>>> chown jtwdyp: /dev/hda8 /dev/hda9 /dev/hda10
>>> Is this way I'm supposed to give these partitions to user jtwdyp ???
>>>       
>> Not in a world with udev, no.
>>
>>     
>
> Oh... "udev" Shoulda guessed that it would have something to do with it.
>
>   
>>> /etc/fstab contains:
>>> /dev/hda10 ext2 /home/jtwdyp/hda10 ext2 defaults,owner,noauto 0 2
>>>       
> <<snip>>
>   
>> Are you sure it wouldn't be better to permit jtwdyp to mount and unmount
>> them as root, using sudo, without a password?  (or even with one?)
>>
>>     
> I wouldn't give sudo to a user account I routinely use, any more than
> I'd routinely run as root.  I'm not in complete agreement with the
> idea that sudo is better than su -c... But the one thing I did agree with
> was that if the hacker has to guess the user name as well as the password
> it's harder than cracking an enabled root password because they already
> know the username...  But if the account is routinely used it's likely
> that I'll forget to check for shoulder surfers sometime when I'm logging
> in. Thus making it less secure than the root account would have been.
> Thus:
> I won't give sudo privileges to any username I use for routine activity.
> first I gotta su to a suduer account, THEN I can sudo... And doing that
> every time I want to mount or unmount one of these partitions would be
> too much like work! <grin>
>
>   
<<snip>>
You don't have to give the user full access, with sudo you can limit the 
commands a user can run as root,
eg you can have something like this in /etc/sudoers:
jtwdyp ALL = mount /dev/hda10
this would allow jtwdyp to mount /dev/hda10 (but only hda10) by using 
his password, that would allow you to have more security but let the use 
mount the partition.
man sudoers (in a console)
man:/sudoers (in konqueror)
for more

Tez

More information about the kubuntu-users mailing list