
Re: QCAM 0.1 now available



> Scott Laird writes:
> 
>  > This program *must* be run as root to allow access to the parallel
>  > port.  This program should *not* be run SUID root, as it does very
>  > little error checking.
> 
> There's little difference between running it while logged in as root
> vs running it SUID root.  Security concerns are reasonable.  I
> modified qcam.c so that it resets the userid just after getting the
> I/O permissions.  It's possible to call setuid(0) before resetting
> permissions, but it's not necessary to reset permissions because they
> only apply to the current process, and it's going away.
> 
>    /* Attempt to get permission to access IO ports.  Must be root */
> 
>    if (ioperm(qcport, 3, 1)) {
>      fprintf(stderr, "%s: can't get ioperm.  Exiting.\n",argv[0]);
>      exit(1);
>    }
> 
> +  setuid(getuid());
> 
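Review bot: The return value of setuid(getuid()) on the added line is ignored, so if the call fails the program carries on with root's effective uid. Check it and exit on failure, in the same style as the ioperm() check above it: `if (setuid(getuid()) != 0) { fprintf(stderr, "%s: can't drop privileges.  Exiting.\n", argv[0]); exit(1); }`. The drop also comes only after ioperm(qcport, 3, 1) has already run with root privilege, so in a setuid install the value of qcport has to be validated before this point.
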
> Now the makefile needs an ``install'' procedure which includes:
> 
> 	chown root qcam
> 	chmod u+s qcam
> 

What worried me was a malicious user doing something like 'qcam -p 
0x1f0' and taking out a hard drive.  I figure someone logged in as root 
was more likely to be careful.  Now that I have a configuration file, I 
should be able to disable the -p option for everyone but root and run 
SUID without too many problems.  Thanks, I'll add this for 0.2, which 
should be out sometime before the weekend, depending on how much time I 
have to work on this.


Scott
-- 
Scott A. Laird   |  "But this goes to 18,446,744,073,709,551,615"
scott@laird.com  |                - Nigel on his new 64-bit computer
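
The approach discussed in this thread (refuse -p to everyone but root, then give up root once the I/O permissions are held), sketched as an added example that is not qcam's code. The function names, the -1 convention for "no -p given", and the allowlist of standard parallel-port base addresses are assumptions made for illustration.

```c
/* Added illustration, not qcam source; every name here is hypothetical. */
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Assumed allowlist: the standard PC parallel-port base addresses. */
static const int lpt_bases[] = { 0x378, 0x278, 0x3bc };

static int is_lpt_base(int port)
{
    for (size_t i = 0; i < sizeof lpt_bases / sizeof lpt_bases[0]; i++)
        if (lpt_bases[i] == port)
            return 1;
    return 0;
}

/*
 * Pick the port a setuid-root binary may hand to ioperm().
 *   real_uid: getuid() of the invoking user
 *   cli_port: value of -p, or -1 when -p was not given
 *   cfg_port: port read from the configuration file
 * Returns the port, or -1 to refuse.
 */
int choose_port(uid_t real_uid, int cli_port, int cfg_port)
{
    if (real_uid == 0)                 /* root keeps -p */
        return cli_port != -1 ? cli_port : cfg_port;
    if (cli_port != -1)
        return -1;                     /* -p refused for everyone else */
    return is_lpt_base(cfg_port) ? cfg_port : -1;
}

/* Give up root after ioperm(). Returns 0 on success, -1 if root remains. */
int drop_privileges(void)
{
    uid_t ruid = getuid();
    if (setuid(ruid) != 0)
        return -1;                     /* drop failed: caller must exit */
    if (ruid != 0 && setuid(0) == 0)
        return -1;                     /* root could be regained */
    return 0;
}

int main(void)
{
    /* Constructed case: an ordinary user (uid 1000) runs 'qcam -p 0x1f0'. */
    printf("port = %d\n", choose_port(1000, 0x1f0, 0x378));
    return drop_privileges() == 0 ? 0 : 1;
}
```

In a real program the ioperm() call sits between choose_port() and drop_privileges(), and a -1 from either function means exit before touching the port.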


