Message-ID: <email address hidden>
Date: Tue, 13 Jul 2004 18:11:57 +0200
From: Ludovic Rousseau <email address hidden>
To: Matt Zimmerman <email address hidden>, <email address hidden>
Cc: David Pettersson <email address hidden>
Subject: Re: Bug#258847: libpisock8: System serial device permissions overridden
Le Monday 12 July 2004 �1:18:32, Matt Zimmerman a �it:
> However, I do question the need for this mechanism...isn't it simpler to
> require that users be added to the dialout group? That is its purpose.
I discussed about this possibility in bug #205125.
If the user belongs to the group dialout he will also have access to the
other serial ports. Maybe that's too permissive and considered as a
(grave) security problem.
Another solution is to create a "pda" group and change the group of the
serial device. But you will have a problem if you connect something else
on the serial port (like a modem).
Do we (Debian) have a policy on how to manage access rights on the
serial ports, and not just for modem access?
Bye,
--
Dr. Ludovic Rousseau <email address hidden>
-- Normaliser Unix c'est comme pasteuriser le camembert, L.R. --
Message-ID: <email address hidden>
Date: Tue, 13 Jul 2004 18:11:57 +0200
From: Ludovic Rousseau <email address hidden>
To: Matt Zimmerman <email address hidden>, <email address hidden>
Cc: David Pettersson <email address hidden>
Subject: Re: Bug#258847: libpisock8: System serial device permissions overridden
Le Monday 12 July 2004 �1:18:32, Matt Zimmerman a �it:
> However, I do question the need for this mechanism...isn't it simpler to
> require that users be added to the dialout group? That is its purpose.
I discussed about this possibility in bug #205125.
If the user belongs to the group dialout he will also have access to the
other serial ports. Maybe that's too permissive and considered as a
(grave) security problem.
Another solution is to create a "pda" group and change the group of the
serial device. But you will have a problem if you connect something else
on the serial port (like a modem).
Do we (Debian) have a policy on how to manage access rights on the
serial ports, and not just for modem access?
Bye,
--
Dr. Ludovic Rousseau <email address hidden>
-- Normaliser Unix c'est comme pasteuriser le camembert, L.R. --