How secure is this to access par port as none-root user ? - Security

This is a discussion on How secure is this to access par port as none-root user ? - Security ; Hi. Here is a article about accessing a parallel port as none-root user in linux. http://linuxgazette.net/112/radcliffe.html Is it as secure as mentioned in this article ? Thanks.. -- hihihi is the username, wanadoo the domain, nl the country....

+ Reply to Thread
Results 1 to 2 of 2

Thread: How secure is this to access par port as none-root user ?

  1. How secure is this to access par port as none-root user ?


    Hi.

    Here is a article about accessing a parallel port as none-root user in
    linux.
    http://linuxgazette.net/112/radcliffe.html

    Is it as secure as mentioned in this article ?

    Thanks..

    --
    hihihi is the username, wanadoo the domain, nl the country.

  2. Re: How secure is this to access par port as none-root user ?

    hihihi :
    >
    > Here is a article about accessing a parallel port as non-root user in
    > linux.
    > http://linuxgazette.net/112/radcliffe.html
    >
    > Is it as secure as mentioned in this article ?


    "The I/O enabling program then drops down to the privileges of the
    real user who started it using the C functions setgid() and
    setuid(). These functions do not effect the I/O access permissions
    or process priority."

    "The I/O enabling program then loads the application program over
    its own code space by using the C function execvp(). This means
    the application program is now running with user (not root)
    privileges, and with I/O access limited to only those I/O ports
    enabled by the trusted I/O enabling program."

    'Sounds good to me. Careful who you let at that SUID program and
    check it (md5sum cf. read-only copy) regularly, but I see nothing
    egregiously wrong in this. It's root who's making all this happen, so
    it's fine with the OS. I haven't read the whole thing so I don't
    really know what his intent is. I do wonder if there's other, less
    intrusive, ways to get what he wants, such as creating a new group
    which owns that SUID thing and add the user to that group and make it
    SGID instead? That may just be quibbling, and no better than the
    original; speculating.

    The LG editorial staff are pretty sharp people, and they're careful
    about what they publish. I'd imagine this one received their usual
    scrutiny.

    Aside, why is Linux Journal still alive after what they tried to do
    to LG? :-P


    --
    Any technology distinguishable from magic is insufficiently advanced.
    (*) http://blinkynet.net/comp/uip5.html Linux Counter #80292
    - - http://www.faqs.org/rfcs/rfc1855.html Please, don't Cc: me.

+ Reply to Thread