LinuxQuestions.org
Old 04-23-2014, 02:30 PM   #1
terence
LQ Newbie
 
Registered: Feb 2004
Location: Edinburgh UK
Distribution: CentOS
Posts: 19

Rep: Reputation: 0
users can't execute certain setuid commands


Hello,

I'm running CentOS 6.5 with 3.10.32-11.el6.centos.alt.x86_64 kernel. I have the usual /etc/fstab set up to allow users to mount USB memory sticks, DVDs etc. However, sometimes I'd like to mount a device using a different file system than that specified in /etc/fstab and I noticed that even though /bin/mount is setuid, normal users can't do 'mount -t': I get a message saying "mount: only root can do that". Why is that, and is there anything else I can do to allow users to do 'mount -t'? I thought the whole point of setuid is that whoever executes the command does so as root?

Similarly, in new versions of Linux, normal users can no longer execute ifup and ifdown, even though the relevant ifcfg- file has the line

USERCTL=yes

(There is no error message - when a user tries to execute ifup, it just does nothing until CTL-C is pressed.) Changing the permissions of ifup/ifdown to setuid has no effect. Again, why is that?

Of course, I know I can use 'sudo', but setuid for certain commands seems to be a less cumbersome solution, and what is the point of setuid if normal users still can't execute those commands?

Thanks in advance for any help.
Terence
 
Old 04-24-2014, 06:56 AM   #2
linosaurusroot
Member
 
Registered: Oct 2012
Distribution: OpenSuSE,RHEL,Fedora,OpenBSD
Posts: 982
Blog Entries: 2

Rep: Reputation: 244
If you allow users to mount anything they like anywhere they like this gives them root shells.

If you want your users to have root shells give them a sudo rule to run a root shell. They can do any mount activity they need with such a shell.

If you don't want your users to have root shells you can't let them mount except in ways you've approved. Imagine what happens after they mount over /etc/ and their supplied passwd and shadow files are in use.
 
Old 04-24-2014, 10:12 AM   #3
rknichols
Senior Member
 
Registered: Aug 2009
Distribution: Rocky Linux
Posts: 4,779

Rep: Reputation: 2212
Commands like mount offer a subset of their capabilities to the non-root user. In the case of mount, you are allowed to mount filesystems listed in /etc/fstab with the "user" or "users" option, but only with a single argument specifying either the device or the mount point plus a possible "-r" (read-only) flag. All of the other parameters must come from /etc/fstab, and those would typically include "nosuid" and "nodev" options. Giving a non-root user more control than that would be a very serious security hole.
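
The restriction described in the last reply can be checked on a system's own /etc/fstab. The following is an added example, not part of the original thread or any poster's code: it flags user-mountable entries whose later options switch `suid` or `dev` back on. It relies on the mount(8) behaviour that `user`, `users`, `owner` and `group` imply `nosuid` and `nodev` unless overridden by subsequent options; the sample fstab and the function names are constructed for illustration.

```python
"""Audit fstab text for user-mountable entries that re-enable suid or dev."""

USER_OPTS = {"user", "users", "owner", "group"}   # each implies nosuid,nodev
RISKY = {"suid": "nosuid", "dev": "nodev"}        # risky option -> safe counterpart

# Constructed sample, not taken from the thread.
SAMPLE_FSTAB = """\
# device        mountpoint   type     options                 dump pass
/dev/sda1       /            ext4     defaults                1 1
/dev/sdb1       /media/usb   vfat     noauto,user             0 0
/dev/sr0        /media/dvd   iso9660  noauto,users,ro         0 0
/dev/sdc1       /media/ext   ext4     noauto,user,exec,suid   0 0
/dev/sdd1       /media/old   ext2     noauto,nodev,owner,dev  0 0
"""

def effective_flags(options):
    """Apply options left to right; a later option overrides an earlier one."""
    user_mountable = False
    state = {"suid": True, "dev": True}           # what a plain root mount allows
    for opt in options.split(","):
        if opt in USER_OPTS:
            user_mountable = True
            state["suid"] = state["dev"] = False  # implied nosuid,nodev
        elif opt in RISKY:
            state[opt] = True                     # explicit suid / dev
        elif opt in RISKY.values():
            state[opt[2:]] = False                # "nosuid" -> "suid"
        # any other option leaves suid/dev unchanged in this check
    return user_mountable, state

def audit(fstab_text):
    """Return (mountpoint, [re-enabled options]) for risky user-mountable entries."""
    findings = []
    for line in fstab_text.splitlines():
        if line.strip().startswith("#"):
            continue                              # comment line
        fields = line.split()
        if len(fields) < 4:
            continue                              # blank or malformed line
        user_mountable, state = effective_flags(fields[3])
        bad = [name for name, enabled in state.items() if enabled]
        if user_mountable and bad:
            findings.append((fields[1], bad))
    return findings

if __name__ == "__main__":
    for mountpoint, bad in audit(SAMPLE_FSTAB):
        print(f"{mountpoint}: user-mountable with {','.join(bad)} enabled")
```

To check a real system, pass the contents of /etc/fstab to `audit()` instead of the sample string.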
 
  

