There is a setuid bit on the file.
user@host:~$ ls -l /bin/mount
-rwsr-xr-x 1 root root 40152 May 26 19:31 /bin/mount
Why does the operating system require root access to execute 'mount'?
user@host:~$ /bin/mount /dev/sdb1 /mnt
mount: only root can do that
user@host:~$ sudo /bin/mount /dev/sdb1 /mnt
user@host:~$ lsblk | grep sdb
sdb 8:16 0 102M 0 disk
└─sdb1 8:17 0 101M 0 part /mnt
My /etc/fstab
# / was on /dev/sda1 during installation
UUID=026bb2d9-1c0c-4163-85a1-f83b2221eb34 / ext4 errors=remount-ro 0 1
# swap was on /dev/sda5 during installation
UUID=aec6b039-13b1-4568-abb1-2be1f3429325 none swap sw 0 0
Best Answer
Unix has the concept of real and effective UIDs (and GIDs for that matter).
When you run a setuid program then the effective ID of the process is set to the owner of the file.
So in the case of mount you have an effective ID of root. But you still have a real ID of user.
Programs such as passwd or su or mount can check the real ID to see who is running it and act differently accordingly. For passwd this allows the root user to change another's password; for su it allows switching users without knowing the password.
For mount it allows users to mount their own filesystems if they are defined in /etc/fstab and have the user attribute associated with them.
E.g. in my Debian fstab I have:
This means a non-root user can run mount /dev/sr0 or mount /media/cdrom0 and it will attempt to mount the CD/DVD.
This is logic built into the mount program itself; it checks the real ID of the caller.
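The check described in this answer, as a simplified sketch added here (not code from the answer or from the real mount program): a setuid binary runs with effective UID 0 but decides on the real UID and on the fstab options. The names may_mount, has_opt and SAMPLE_FSTAB are hypothetical, and the fstab text is constructed sample data.

```c
#include <stdio.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Constructed sample fstab (not the asker's or the answerer's file). */
static const char SAMPLE_FSTAB[] =
    "# <device> <mountpoint> <type> <options> <dump> <pass>\n"
    "/dev/sda1 / ext4 errors=remount-ro 0 1\n"
    "/dev/sr0 /media/cdrom0 udf,iso9660 user,noauto 0 0\n"
    "/dev/sdc1 /backup ext4 noauto,nouser 0 0\n";

/* Return 1 if the comma-separated list opts holds exactly the token opt,
   so that "nouser" or "users" is never mistaken for "user". */
static int has_opt(const char *opts, const char *opt) {
    size_t n = strlen(opt);
    while (*opts) {
        size_t len = strcspn(opts, ",");
        if (len == n && strncmp(opts, opt, n) == 0) return 1;
        opts += len;
        if (*opts == ',') opts++;
    }
    return 0;
}

/* Real UID 0 may mount anything; any other caller only a device or mount
   point whose fstab entry carries the user or users option. */
int may_mount(uid_t real_uid, const char *fstab, const char *target) {
    if (real_uid == 0) return 1;
    for (const char *line = fstab; *line; ) {
        char buf[512], dev[128], dir[128], type[64], opts[256];
        size_t len = strcspn(line, "\n");
        if (len < sizeof buf) {
            memcpy(buf, line, len); buf[len] = '\0';
            if (buf[0] != '#' &&
                sscanf(buf, "%127s %127s %63s %255s", dev, dir, type, opts) == 4 &&
                (strcmp(target, dev) == 0 || strcmp(target, dir) == 0))
                return has_opt(opts, "user") || has_opt(opts, "users");
        }
        line += len;
        if (*line == '\n') line++;
    }
    return 0; /* not listed in fstab: non-root callers are refused */
}

int main(void) {
    /* In a setuid-root binary geteuid() is 0 while getuid() is still the caller. */
    printf("real=%d effective=%d\n", (int)getuid(), (int)geteuid());
    puts(may_mount(getuid(), SAMPLE_FSTAB, "/dev/sdb1") ? "allowed" : "only root can do that");
    return 0;
}
```

The /dev/sdb1 case mirrors the question: the device has no fstab entry, so a caller whose real UID is not 0 is refused even though the process runs with effective UID 0.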