Do you have a question? Post it now! No Registration Necessary. Now with pictures!
- Posted on
April 1, 2008, 10:05 pm
rate this thread
Re: How secure is this to access par port as none-root user ?
"The I/O enabling program then drops down to the privileges of the
real user who started it using the C functions setgid() and
setuid(). These functions do not effect the I/O access permissions
or process priority."
"The I/O enabling program then loads the application program over
its own code space by using the C function execvp(). This means
the application program is now running with user (not root)
privileges, and with I/O access limited to only those I/O ports
enabled by the trusted I/O enabling program."
'Sounds good to me. Careful who you let at that SUID program and
check it (md5sum cf. read-only copy) regularly, but I see nothing
egregiously wrong in this. It's root who's making all this happen, so
it's fine with the OS. I haven't read the whole thing so I don't
really know what his intent is. I do wonder if there's other, less
intrusive, ways to get what he wants, such as creating a new group
which owns that SUID thing and add the user to that group and make it
SGID instead? That may just be quibbling, and no better than the
The LG editorial staff are pretty sharp people, and they're careful
about what they publish. I'd imagine this one received their usual
Aside, why is Linux Journal still alive after what they tried to do
to LG? :-P
Any technology distinguishable from magic is insufficiently advanced.
(*) http://blinkynet.net/comp/uip5.html Linux Counter #80292
- - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.
- » Is allowing syn packets on port 22 (ssh) a problem?
- — Next thread in » Linux Security
- » sshd config without rights and executions on server ? (only forwarding)
- — Previous thread in » Linux Security
- » Cloud Ace Technologies is offering Implementation Services on Cloud Computing, Cloud Serv...
- — Newest thread in » Linux Security