|
|
comp.os.linux.security
Affichage de l'article :
Re: How secure is this to access par port as none-root user ?
Date :
Le 04 avril 2008
From :
s. keeling
Sujet :
Re: How secure is this to access par port as none-root user ?
hihihi :
>
> Here is a article about accessing a parallel port as non-root user in
> linux.
> http://linuxgazette.net/112/radcliffe.html
>
> Is it as secure as mentioned in this article ?
"The I/O enabling program then drops down to the privileges of the
real user who started it using the C functions setgid() and
setuid(). These functions do not effect the I/O access permissions
or process priority."
"The I/O enabling program then loads the application program over
its own code space by using the C function execvp(). This means
the application program is now running with user (not root)
privileges, and with I/O access limited to only those I/O ports
enabled by the trusted I/O enabling program."
'Sounds good to me. Careful who you let at that SUID program and
check it (md5sum cf. read-only copy) regularly, but I see nothing
egregiously wrong in this. It's root who's making all this happen, so
it's fine with the OS. I haven't read the whole thing so I don't
really know what his intent is. I do wonder if there's other, less
intrusive, ways to get what he wants, such as creating a new group
which owns that SUID thing and add the user to that group and make it
SGID instead? That may just be quibbling, and no better than the
original; speculating.
The LG editorial staff are pretty sharp people, and they're careful
about what they publish. I'd imagine this one received their usual
scrutiny.
Aside, why is Linux Journal still alive after what they tried to do
to LG? :-P
--
Any technology distinguishable from magic is insufficiently advanced.
(*) http://blinkynet.net/comp/uip5.html Linux Counter #80292
- - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
Posez vos questions, réponses et remarques sur
les forums de AuthSecu
|
|