[Prev][Next][Index][Thread]

Re: cqcam-40b RPM



> qcam::81:dmiller,rmiller,kmiller,bleep
> 
> in my /etc/group file. and I have made my parallel port accessible to that
> group:
> 
> chgrp qcam /dev/lp?
> chmod gu+wr /dev/lp?
> 
> I think that this neatly avoids SUID binaries.

Unfortunately, no.  /dev/lp? are character devices intended to talk to 
printers and printer-like devices only.  cqcam talks directly to the 
system's I/O ports and thus actually does require root permissions.
(Otherwise the ioperm() call fails.)

You could make the SUID binaries roughly equivalent, permissions-wise, to 
what you had above:
  chown root.qcam cqcam xcqcam
  chmod 4710 cqcam xcqcam
That's pretty much what I have on my system.

--Patrick

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
| Genius may have its        | Patrick Reynolds <patrickr@iname.com>        |
| limitations, but stupidity | Second-year UVA CS major .and. geek for hire |
| is not thus handicapped.   | http://devnull.dorm.virginia.edu/~patrick/   |
|           --Elbert Hubbard |                                              |
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

References: